ServiceNow Security Engineer
CACI International•Arlington, VA
•Remote
About The Position
CACI is seeking a ServiceNow Security Engineer to join our team. Our Security Engineer will report to the ServiceNow Program Manager and work closely with a team of ServiceNow Platform Team. The ideal candidate is a security engineer with RMF/NIST expertise, strong cloud security and ServiceNow experience, excellent documentation and communication skills, and the ability to lead in a complex environment.
Requirements
- Ability to obtain Department of Homeland Security (DHS) Entry On Duty (EOD)
- B.A./B.S. or equivalent + 15 years of relevant experience
- Experience supporting ServiceNow development
- Understanding of NIST SP 800 53, RMF, FedRAMP, and federal security control frameworks.
- Hands-on experience supporting ATO packages, SSP development, control implementation statements, and evidence collection.
- Experience performing security assessments, vulnerability analysis, risk assessments, and remediation tracking.
Nice To Haves
- Any of the following certifications is highly desired: CISSP, CCSP, CEH, CySA+, AWS/Azure security certs.
Responsibilities
- Perform governance and assurance activities to ensure alignment with NIST SP 800-53, RMF, and FedRAMP requirements
- Define, document, and assess security requirements for systems; support control selection, tailoring, and implementation
- Build, configure, and enforce AWS and Azure security controls, including IAM, logging, network security, and guardrails
- Configure and operate Splunk SIEM for monitoring, correlation, alerting, and incident detection across cloud and on-prem environments
- Support continuous monitoring (NIST CA-7) including control validation, evidence collection, and ongoing assessment activities
- Manage the POA&M lifecycle: document findings, assign ownership, track milestones, validate remediation, and close items
- Develop and maintain ATO documentation, including SSPs, security procedures, control implementation statements, and evidence artifacts
- Support security assessments and audits; coordinate with SCAs, auditors, and 3PAOs during assessment activities
- Work with System Owners, ISSOs, administrators, and developers to implement security controls and remediate findings
- Perform vulnerability management using tools such as Wiz and Tenable: scanning, analysis, prioritization, and remediation tracking
- Validate and enforce patch management and configuration baselines (e.g., STIGs, CIS benchmarks)
- Assist with incident response activities, including triage, investigation, containment, and reporting
- Perform log review and analysis to identify suspicious activity and ensure logging requirements (e.g., OMB M-21-31) are met
- Support account management and access control reviews (e.g., AC-2), including periodic user access recertifications
- Maintain asset inventory and system categorization in accordance with RMF requirements
- Develop and maintain security documentation, including diagrams, procedures, and standard operating guides
- Create and maintain project plans for deploying and maintaining security tools and capabilities
- Perform risk assessments and impact analysis for system changes, vulnerabilities, and exceptions
- Support DevSecOps integration, including participation in CI/CD security scanning (SAST/DAST/IaC) and secure configuration validation
- Use threat intelligence to support threat hunting, improve detection use cases, and enhance incident response
- Track and report security metrics (e.g., vulnerability remediation timelines, POA&M status, incident trends)
Benefits
- healthcare
- wellness
- financial
- retirement
- family support
- continuing education
- time off benefits
- flexible time off benefit
- robust learning resources
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Senior
