1 Zensar Technologies Operations Manager Job

ServiceNow SecOps Manager

Experience : 14 - 18 Years (Overall IT Security), 14+ Years (ServiceNow Security)

Employment Type : Full-time

Job Overview :

We are seeking an experienced and driven ServiceNow SecOps Manager with 14-18 years of IT security experience, including 14+ years dedicated to ServiceNow security architecture, administration, or operations. The ideal candidate will possess specialized expertise in ServiceNow's Security Operations (SecOps) module and a deep understanding of IT Service Management (ITSM) principles.

This pivotal role involves defining security strategy and compliance, overseeing SecOps implementation, managing data privacy, designing secure integrations, and leading risk and compliance efforts within the ServiceNow platform, aligning with the ServiceNow recommended Platform security shared responsibility model.

Key Responsibilities

Security Strategy & Compliance :

- Define and enforce compliance with security policies, standards, and best practices for the ServiceNow platform, aligning with the ServiceNow recommended Platform security shared responsibility model.

- Ensure the ServiceNow platform is compliant with internal and external information security requirements and industry best practices.

- Establish robust governance frameworks for secure development, data protection, and risk mitigation.

Access Control, Authentication, and Authorization :

- Design and manage Role-Based Access Control (RBAC), ACLs (Access Control Lists), and authentication mechanisms within ServiceNow.

- Responsible for implementing and managing Single Sign-On (SSO), Multi-Factor Authentication (MFA), and enterprise IAM (Identity and Access Management) solutions based on Infosec standards.

- Conduct regular reviews of access control and entitlement based on job functions and refine them using the principle of least privilege.

Security Operations & Incident Management :

- Oversee the implementation and optimization of ServiceNow Security Operations (SecOps), including :

- Security Incident Response (SIR) : Streamline incident detection, triage, and resolution.

- Vulnerability Response (VR) : Automate vulnerability identification and remediation workflows.

- Threat Intelligence : Integrate threat feeds and security insights for proactive defense.

- Coordinate closely with cybersecurity teams to detect, investigate, and respond to threats affecting the ServiceNow platform.

Data Privacy, Security & Encryption :

- Define ServiceNow data classification, data retention, and data discovery strategies in alignment with organizational data management policies and standards.

- Implement data encryption strategies for data at rest, in transit, and manage encryption keys effectively.

- Determine policies for data collection, storage, usage, sharing, archiving, and destruction of data processed in ServiceNow instances.

- Monitor access patterns and system activity to identify potential security threats.

Secure Integrations & Automation :

- Design and enforce secure API management for integrations between ServiceNow and third-party security tools (e.g., Active Directory, CyberArk, Aveksa, Azure AD, RIM, IAM).

- Leverage IntegrationHub, Automation Engine, and Orchestration to streamline security workflows and automate tasks.

- Ensure secure data exchange and prevent unauthorized access to ServiceNow instances.

Risk & Compliance Management :

- Deploy and manage ServiceNow Governance, Risk, and Compliance (GRC) solutions to assess security risks.

- Participate in regular security audits, risk assessments, and penetration tests on the ServiceNow platform.

- Define and implement security controls to mitigate identified risks and enhance compliance posture.

Required Skills & Qualifications :

Experience :

- 14-18 years of IT security experience, with 14+ years in ServiceNow security architecture, administration, or operations.

- Hands-on experience in security automation, incident response, and risk management using ServiceNow.

- Prior experience working with cybersecurity, risk management, and IT governance teams.

Technical Expertise :

- ServiceNow Security : Deep understanding of SecOps (SIR, VR), GRC, RBAC, ACLs, and comprehensive platform security best practices.

- Cybersecurity & Compliance : Strong knowledge of security frameworks (NIST, ISO 27001, CIS), regulatory compliance, and risk management principles.

- Integration & Development : Experience with REST APIs, JavaScript, OAuth, and secure integration practices.

- Cloud Security : Understanding of SaaS security models, encryption methods (at rest, in transit), and cloud-based security architectures.

Certifications :

- ServiceNow Certified System Administrator (CSA).

- ServiceNow Certified Implementation Specialist SIR or VR.

Preferred Qualifications :

- Experience securing large-scale ServiceNow implementations in regulated industries (e.g., finance, healthcare, government).

- Strong problem-solving, analytical, and communication skills to effectively interact with technical and non-technical stakeholders.

- Knowledge of emerging security trends, zero trust architecture, and AI-driven security solutions.

Cybersecurity Certifications :

- Certified Information Systems Security Professional (CISSP).

- Certified Information Security Manager (CISM).