Job Description:
Security Incident Response Engineer (ServiceNow)Contract: 6 Months (Likely Extension)
Location: Hybrid
IR35: Outside / LTD – £700PD
SC Cleared / BPSS
A highly reputable corporation is hiring an experienced ServiceNow Security Incident Response (SIR) Consultant to support the design, implementation and optimisation of a Security Incident Response capability for a Cyber Security Operations Centre (CSOC).
This is an excellent opportunity to play a key role in enhancing cyber incident management processes, automating security workflows and integrating ServiceNow Security Operations with wider security tooling.
Key ResponsibilitiesServiceNow SIR Workflow Design & Development
- Design and configure end-to-end Security Incident Response workflows.
- Build workflows covering incident triage, escalation, investigation and case management.
- Develop evidence management processes and structured incident lifecycles.
- Align workflows with Cyber Operations requirements, industry best practice and NCSC-aligned incident response processes.
- Test, refine and optimise workflows to improve operational efficiency.
Essential Skills- Strong experience implementing and configuring ServiceNow Security Incident Response (SIR).
- Expertise across ServiceNow Security Operations (SecOps).
- Experience integrating ServiceNow with SIEM, SOAR, and Threat Intelligence platforms.
- Strong knowledge of ITSM (Incident, Change and Problem Management).
- Experience designing and automating security workflows and incident response processes.
- Strong dashboard, reporting and analytics capabilities within ServiceNow.
- Excellent stakeholder management, documentation and knowledge transfer skills.
ServiceNow SIR/SecOps certifications are desirable.
This is an opportunity to work on a high-profile cyber security programme where you'll have a direct impact on strengthening incident response capability, improving automation and helping shape the future Security Operations environment.