ESM Architect

About The Position

Requirements

• Bachelor’s degree or equivalent combination of education and experience
• 10+ years overall experience with strong hands-on ServiceNow platform architecture in large enterprise environments.
• Proven experience with ITOM, Discovery, CMDB, and large-scale MID Server deployments.
• Strong integration architecture experience: REST/SOAP, API management; MuleSoft/Boomi preferred; exposure to Kafka/RabbitMQ/ETL is a plus.
• Security/IAM: SAML, OAuth, LDAP/AD; secrets management with HashiCorp Vault and/or CyberArk.
• Performance engineering and observability using Splunk/New Relic (or similar); cloud knowledge (AWS/Azure/GCP) preferred.
• Strong scripting background: JavaScript (plus PowerShell/Python/Bash preferred).
• ServiceNow CSA — Required
• ITIL v4 Foundation — Required

Nice To Haves

• ServiceNow CAD — Preferred
• ServiceNow CIS (ITOM/Discovery/CMDB or relevant) — Preferred
• HashiCorp Vault Associate / CyberArk — Preferred

Responsibilities

• Own platform architecture and roadmap; define standards/guardrails for configuration, customization, data model, integrations, and environment strategy.
• Provide hands-on architecture and troubleshooting for critical production issues (L3), performance bottlenecks, and complex technical escalations.
• Lead architecture for MID Server estate (500+): segmentation, HA, capacity planning, monitoring/alerting, upgrade strategy.
• Define integration patterns and governance for REST/SOAP and middleware platforms (e.g., MuleSoft/Boomi); ensure resiliency, observability, and runbooks.
• Own multi-instance strategy (26+ non-prod): provisioning standards, cloning approach, post-clone controls, configuration baseline/drift management.
• Drive security architecture: role/ACL model, audit readiness, IAM integrations (SAML/OAuth/LDAP/AD), and secure platform practices.
• Architect and govern secrets/credential management (246+ credentials) using HashiCorp Vault/CyberArk, including rotation and compliance.
• Lead performance and scale engineering: health KPIs/SLOs, capacity planning, DB growth controls, job/schedule optimization, APM tooling (Splunk/New Relic).
• Own CMDB/Discovery architecture and governance: identification/reconciliation, data quality, Discovery patterns/schedules, scope/exclusions, data volume management.
• Guide upgrade strategy and platform evolution (testing/validation/rollback); evaluate new capabilities (e.g., Now Assist, RaptorDB).
• Mentor platform admins/engineers; enforce SDLC/release governance and design review practices.
• Strong JavaScript and ServiceNow scripting fundamentals; ability to guide automation and troubleshooting.
• Familiarity with PowerShell/Python/Bash for operational automation.
• Own the ServiceNow platform architecture roadmap aligned to enterprise strategy, security, and scalability requirements.
• Define architecture standards for configuration, customization, data model, integrations, CMDB, and environment strategy.
• Establish governance for SDLC, release management, update set/app deployment strategy, and technical quality gates.
• Review and approve solution designs across modules/teams to ensure reusability, maintainability, and performance.
• Create and maintain reference architectures, patterns, and technical documentation/runbooks.
• Define target-state architecture for a 500+ MID Server estate (segmentation, HA, clustering, load balancing, scaling).
• Standardizing MID Server build patterns, monitoring/alerting, certificate strategy, and upgrade approach.
• Architect integration patterns (REST/SOAP, eventing, ETL, API gateways) including resiliency, retries, and observability.
• Guide integration platform usage (MuleSoft/Boomi) and establish interface standards, error handling, and runbooks.
• Define environment strategy (dev/test/stage/pre-prod), instance provisioning standards, and decommissioning controls.
• Architect cloning strategy and post-clone automation (data protection, credentials, integrations, schedules, emails).
• Establish configuration baselines and drift management across instances.
• Define platform security architecture: role model, ACL strategy, data segregation, encryption, and audit controls.
• Architect credential lifecycle management for 246+ integration credentials (rotation, ownership, access controls).
• Own secrets management integration patterns with HashiCorp Vault/CyberArk (policy model, DR/backup, rotation).
• Ensure authentication architecture aligns with enterprise IAM (SAML, OAuth, LDAP/AD) and compliance requirements.
• Define performance engineering standards (indexing strategy, caching, async patterns, job scheduling, DB growth controls).
• Establish platform health KPIs and SLOs; drive proactive monitoring (Splunk/New Relic) and capacity planning.
• Lead performance reviews and remediation plans for bottlenecks across platform, integrations, and MID estate.
• Own CMDB architecture: class model, relationship strategy, reconciliation rules, identification, and data ownership.
• Define Discovery architecture (patterns, schedules, credential strategy, MID assignment model, scope/exclusions).
• Drive CMDB data volume management (archiving/purging strategy) and data quality governance.
• Define license governance model for ITOM and related products; ensure optimized consumption and forecasting.
• Partner with procurement/vendor management on renewals, true-ups, and roadmap planning.
• Provide architectural leadership for L3 production support, problem management, and RCA to prevent recurrence.
• Own upgrade strategy (testing approach, regression automation, rollback plans) and platform evolution roadmap.
• Sponsor POCs for new capabilities (e.g., Now Assist, RaptorDB) and define adoption guardrails.
• Lead/mentor platform admins and engineers; set technical direction and operational priorities.
• Collaborate with security, infrastructure, network, and application teams to resolve cross-domain issues.
• Communicate architectural decisions, risks, and tradeoffs to leadership and business stakeholders.

Benefits

• Excellent Health benefits with low-cost employee premium.
• Wide range of voluntary benefits such as Legal, Identity theft and Critical Care Coverage
• Unlimited training and upskilling opportunities through Udemy and Hexavarsity
• Competitive Salary
• Company Pension Scheme
• Comprehensive Health Insurance
• Flexible Work Hours and Hybrid Work Options
• XX days paid annual holidays + public holidays.
• Professional Development and Training Opportunities
• Employee Assistance Program (EAP)
• Diversity, Equity, and Inclusion Initiatives
• Company Events and Team-Building Activities