Security Incident Response Engineer (ServiceNow)

Security Incident Response Engineer (ServiceNow)

Posted 1 day ago by IntecSelect

£700 Per day
Outside
Hybrid
Warrington, Cheshire, UK

Summary: The Security Incident Response Engineer (ServiceNow) role involves supporting the design, implementation, and optimization of a Security Incident Response capability for a Cyber Security Operations Centre. This contract position, likely extending beyond six months, requires expertise in ServiceNow Security Incident Response and aims to enhance cyber incident management processes. The role is hybrid and offers a competitive daily rate for qualified candidates.

Key Responsibilities:

  • ServiceNow SIR Workflow Design & Development
  • Design and configure end-to-end Security Incident Response workflows.
  • Build workflows covering incident triage, escalation, investigation and case management.
  • Develop evidence management processes and structured incident life cycles.
  • Align workflows with Cyber Operations requirements, industry best practice and NCSC-aligned incident response processes.
  • Test, refine and optimise workflows to improve operational efficiency.

Key Skills:

  • Strong experience implementing and configuring ServiceNow Security Incident Response (SIR).
  • Expertise across ServiceNow Security Operations (SecOps).
  • Experience integrating ServiceNow with SIEM, SOAR, and Threat Intelligence platforms.
  • Strong knowledge of ITSM (Incident, Change and Problem Management).
  • Experience designing and automating security workflows and incident response processes.
  • Strong dashboard, reporting and analytics capabilities within ServiceNow.
  • Excellent stakeholder management, documentation and knowledge transfer skills.

Salary (Rate): £700 daily

City: Warrington

Country: UK

Working Arrangements: hybrid

IR35 Status: outside IR35

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

Security Incident Response Engineer (ServiceNow)
Contract: 6 months (Likely Extension)
Location: Hybrid
IR35: Outside/LTD - £700PD
SC Cleared/BPSS

A highly reputable corporation is hiring an experienced ServiceNow Security Incident Response (SIR) Consultant to support the design, implementation and optimisation of a Security Incident Response capability for a Cyber Security Operations Centre (CSOC).

This is an excellent opportunity to play a key role in enhancing cyber incident management processes, automating security workflows and integrating ServiceNow Security Operations with wider security tooling.

Key Responsibilities

  • ServiceNow SIR Workflow Design & Development
  • Design and configure end-to-end Security Incident Response workflows.
  • Build workflows covering incident triage, escalation, investigation and case management.
  • Develop evidence management processes and structured incident life cycles.
  • Align workflows with Cyber Operations requirements, industry best practice and NCSC-aligned incident response processes.
  • Test, refine and optimise workflows to improve operational efficiency.

Essential Skills
  • Strong experience implementing and configuring ServiceNow Security Incident Response (SIR).
  • Expertise across ServiceNow Security Operations (SecOps).
  • Experience integrating ServiceNow with SIEM, SOAR, and Threat Intelligence platforms.
  • Strong knowledge of ITSM (Incident, Change and Problem Management).
  • Experience designing and automating security workflows and incident response processes.
  • Strong dashboard, reporting and analytics capabilities within ServiceNow.
  • Excellent stakeholder management, documentation and knowledge transfer skills.

ServiceNow SIR/SecOps certifications are desirable.
This is an opportunity to work on a high-profile cyber security programme where you'll have a direct impact on strengthening incident response capability, improving automation and helping shape the future Security Operations environment.