SecOps ServiceNow Technical Consultant

Job Description  The Customer Outcomes SecOps Technical Consultant is the technical authority in customer engagements focused on ServiceNow Security Operations. This role combines deep cybersecurity operations knowledge with ServiceNow platform expertise to design and deliver implementations that accelerate threat detection, vulnerability remediation, and security incident response. The Senior TC operates independently, leads technical workshops, and drives complex integrations between the ServiceNow platform and the customer's broader security ecosystem.    What you get to do in this role:  Lead technical workshops with customer security teams to assess current security operations processes and design future-state workflows on the ServiceNow platform.  Configure and deliver ServiceNow SecOps solutions — Security Incident Response (SIR), Vulnerability Response (VR), and Threat Intelligence — following ServiceNow leading practices and technical standards.  Design and implement integrations between ServiceNow SecOps and external security tooling: SIEM (Splunk, QRadar, Microsoft Sentinel), vulnerability scanners (Qualys, Tenable, Rapid7), and threat intelligence platforms.  Advise customers on how to leverage SecOps automation and orchestration to reduce MTTR and improve vulnerability SLAs.  Provide oversight and technical review of configuration and integration work delivered by partner or customer developers.  Guide customers through required documentation — business requirement workbooks, integration architecture diagrams, vulnerability remediation SLA frameworks.  Provide feedback to ServiceNow product development based on implementation learnings and emerging customer security needs.  Maintain and develop skills and certifications aligned to SecOps, cybersecurity, and platform integration.    Key Responsibilities:  Design and deliver end-to-end SecOps implementations: Security Incident Response (SIR), Vulnerability Response (VR), Threat Intelligence  Build and maintain integrations with SIEM platforms (Splunk, QRadar, Microsoft Sentinel) and vulnerability scanners (Qualys, Tenable, Rapid7) via REST APIs and MID Server  Configure CMDB to support asset-aware vulnerability response and accurate risk scoring  Design automated orchestration and remediation workflows using Flow Designer and IntegrationHub spokes  Apply security frameworks (NIST, MITRE ATT&CK, CVE/CVSS) to define detection, triage, and remediation logic within the platform  Architect ServiceNow CMDB as the foundation for security operations — asset coverage, CI relationships, and risk-aware prioritization  Deliver technical design sessions and solution walk-throughs for CISO, SOC, and IT Security leadership audiences  Develop internal knowledge base, integration playbooks, and reusable implementation assets for the LATAM delivery team    To be successful in this role you have:  Experience in leveraging AI or critically thinking about how to integrate AI into work processes, decision-making, or problem-solving — including security automation, AI-driven threat detection, or AI-assisted vulnerability prioritization  8+ years of experience in professional services, cybersecurity engineering, or security operations roles; or equivalent education/experience  Deep technical knowledge of cybersecurity operations: vulnerability management, security incident response, threat intelligence, and SOC workflows  Hands-on ServiceNow SecOps configuration experience — SIR, VR, or Threat Intelligence modules  Strong integration experience: REST APIs, JSON, MID Server, IntegrationHub — particularly with security tooling (Splunk, QRadar, Qualys, Tenable, Rapid7, Sentinel)  Solid CMDB knowledge — CI classes, discovery patterns, asset relationships — critical for vulnerability response accuracy  ... (truncated, view full listing at source)