ServiceNow Lead Security Engineer

CACI International | Arlington, VA

About The Position

CACI is seeking a ServiceNow Lead Security Engineer to join their team. The Lead Security Engineer will report to the ServiceNow Program Manager and work closely with a team of ServiceNow Platform Team members. The ideal candidate is a security engineer with RMF/NIST expertise, strong cloud security and ServiceNow experience, excellent documentation and communication skills, and the ability to lead in a complex environment.

Requirements

  • Ability to obtain Department of Homeland Security (DHS) Entry On Duty (EOD)
  • B.A./B.S. or equivalent + 15 years of relevant experience
  • Experience supporting ServiceNow development
  • Understanding of NIST SP 800-53, RMF, FedRAMP, and federal security control frameworks
  • Hands-on experience supporting ATO packages, SSP development, control implementation statements, and evidence collection.
  • Experience performing security assessments, vulnerability analysis, risk assessments, and remediation tracking.

Nice To Haves

  • CISSP certification
  • CCSP certification
  • CEH certification
  • CySA+ certification
  • AWS security certification
  • Azure security certification

Responsibilities

  • Oversee and perform cybersecurity risk management activities using NIST RMF (800-53, 800-171) across multiple systems and environments
  • Coordinate and support 3rd-party assessments (3PAO), including preparation, evidence review, and remediation tracking
  • Lead and standardize security engineering processes across all ATOs and systems in multi-cloud (AWS, Azure, GCP), on-prem, and SaaS environments
  • Define and enforce security architecture standards and baselines, including cloud security, network security, and endpoint protection
  • Oversee implementation and operation of enterprise security capabilities:
      • SOC operations and SIEM (Splunk)
      • Endpoint detection and response (EDR/XDR)
      • Threat intelligence and threat hunting
      • IAM and PAM solutions
      • Zero Trust architecture and access controls
      • Application security (SAST, DAST, IaC scanning)
  • Direct incident response and continuous monitoring activities, ensuring issues are identified, prioritized, and remediated
  • Lead governance and assurance activities to maintain compliance with NIST 800-53, RMF, and FedRAMP
  • Oversee control selection, tailoring, implementation, and validation across systems
  • Ensure effective operation of POA&M management processes across all systems and teams
  • Oversee development and quality of ATO packages, including SSPs, procedures, and supporting artifacts
  • Coordinate with SCAs, ISSOs, System Owners, engineers, and developers to ensure consistent implementation of security controls
  • Oversee enterprise vulnerability management programs using tools such as Wiz and Tenable
  • Ensure timely remediation or risk-based mitigation of vulnerabilities and compliance findings across environments
  • Oversee configuration management and baseline enforcement, including STIGs, CIS benchmarks, and hardened images (AMIs)
  • Review and approve security architecture designs, system changes, and risk acceptance decisions
  • Establish and track security metrics and reporting, including POA&M status, vulnerability trends, and incident metrics
  • Lead planning and execution of security tool deployments and upgrades across multiple environments
  • Ensure compliance with logging and monitoring requirements, including centralized log management and retention policies
  • Oversee access control and identity governance processes, including account reviews and privileged access controls
  • Guide DevSecOps practices, ensuring security is integrated into CI/CD pipelines and system development lifecycles
  • Use threat intelligence to guide security priorities, improve detection capabilities, and support threat hunting efforts
  • Provide direction during security incidents, including escalation, coordination, and reporting
  • Support training and knowledge sharing across engineering and security teams

Benefits

  • flexible time off
  • learning resources
  • competitive compensation
  • healthcare
  • wellness
  • financial
  • retirement
  • family support
  • continuing education
  • time off benefits