Apply on Employer Site

BCMC · 1 month ago

ServiceNow SecOps Business Process / Technical Consultant

Dulles Town Center, VA

Full-time

Onsite

Senior Level, Lead/Staff

8+ years exp

BCMC is a small business specializing in IT and Cybersecurity, supporting a U.S. Government customer on a mission-critical cyber operations program. The role involves designing, developing, and implementing ServiceNow SecOps solutions to enhance security threat detection and response capabilities.

Information ServicesInformation Technology

Comp. & Benefits

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Designing, prototyping, and implementing ServiceNow SecOps applications, including:

Security Incident Response (SIR): enrichment, correlation rules, and automated playbooks

Vulnerability Response (VR): scanner integrations, remediation workflows, patch group automation

Configuration Compliance (CC): policy exception handling, remediation tasks, compliance dashboards

Threat Intelligence (TI): ingestion of IOCs, sightings search, enrichment workflows

Supporting the customer’s roadmap for Splunk integrations to enable alert ingestion, bi-directional incident synchronization, and SIEM dashboards

Developing custom integrations with SIEM, scanner, and intel tools (e.g., Splunk, Tenable, VirusTotal, Hybrid Analysis) using IntegrationHub, REST/SOAP APIs, and MID Server

Building and maintaining orchestration playbooks, Flow Designer workflows, Business Rules, and Script Includes to automate enrichment and response actions

Documenting and maintaining policies, procedures, and technical designs aligned with Agile development practices and secure coding standards

Leading workshops with SOC, IR, and VR teams to capture mission needs, define business requirements, and translate them into technical solutions

Creating and maintaining Performance Analytics dashboards and KPIs to provide real-time visibility into security posture

Supporting incident resolution, troubleshooting, and sustainment of the ServiceNow SecOps environment

Providing mentorship and knowledge transfer to client staff on best practices and solution sustainment

Qualification

ServiceNow SecOpsServiceNow administrationIntegration with SIEMFlow DesignerJavaScriptNIST 800-53ServiceNow Certified System AdministratorServiceNow Certified Application DeveloperServiceNow Certified Implementation SpecialistProblem-solving skillsCommunication skillsDocumentation skills

Required

U.S. Citizenship required

Must be able to obtain DHS program suitability and a TS/SCI clearance

8+ years of software development, IT security, or IT systems engineering experience

Minimum 4+ years of ServiceNow experience, with at least 2+ years focused on SecOps applications (SIR, VR, CC, or TI)

Strong knowledge of ServiceNow administration, advanced configuration, and custom application development

Experience integrating ServiceNow with SIEM, vulnerability scanners, and threat intelligence platforms

Hands-on experience with Flow Designer, Orchestration, IntegrationHub, and MID Server

Strong technical skills in web technologies (JavaScript, HTML, XML, Angular, CSS) and integration technologies (REST, SOAP, LDAP, SSO)

Familiarity with federal cybersecurity frameworks (NIST 800-53, FedRAMP, CISA KEV, MITRE ATT&CK)

Strong communication, presentation, and documentation skills for technical and business stakeholders

Bachelor's degree in Cybersecurity, Computer Science, Software Engineering, Systems Engineering, or a related discipline, and at least 8 years of directly relevant work experience

In lieu of a degree: an additional 10 years of directly relevant work experience (for a total of 18+ years) may be substituted

Preferred

Experience supporting DHS, DoD, or Intelligence Community customers

Experience deploying future-state SecOps processes including incident triage, vulnerability management, compliance automation, and threat intel workflows

Familiarity with Splunk use cases for security operations and event correlation

Experience with collaboration tools (MS Teams, Outlook, SharePoint, Atlassian Jira/Confluence)

Strong problem-solving, analytical, and consulting skills in complex security environments

Information Systems Security Engineering Professional (ISSEP) or Information System Security Architect Professional (ISSAP) certification desired

ServiceNow Certified System Administrator (CSA)

ServiceNow Certified Application Developer

ServiceNow Certified Implementation Specialist – SecOps (SIR, VR, or CC)

ITIL v4 Foundation certification (or willingness to complete within one year)

DoD 8570.1-M Compliance at IAT Level I (e.g., Certified Information Systems Security Professional (CISSP)) certification highly desired