W

Security Incident Response Engineer (ServiceNow)

Warrington
2 hours ago
Full-time
On-site
Warrington
£100 - £100 GBP hourly
Security
Security Incident Response Engineer (ServiceNow)
Contract: 6 Months (Likely Extension)
Location: Hybrid
IR35: Outside / LTD – £700PD
SC Cleared / BPSS

A highly reputable corporation is hiring an experienced ServiceNow Security Incident Response (SIR) Consultant to support the design, implementation and optimisation of a Security Incident Response capability for a Cyber Security Operations Centre (CSOC).

This is an excellent opportunity to play a key role in enhancing cyber incident management processes, automating security workflows and integrating ServiceNow Security Operations with wider security tooling.

Key Responsibilities

ServiceNow SIR Workflow Design & Development

Design and configure end-to-end Security Incident Response workflows.
Build workflows covering incident triage, escalation, investigation and case management.
Develop evidence management processes and structured incident lifecycles.
Align workflows with Cyber Operations requirements, industry best practice and NCSC-aligned incident response processes.
Test, refine and optimise workflows to improve operational efficiency.
Essential Skills

Strong experience implementing and configuring ServiceNow Security Incident Response (SIR).
Expertise across ServiceNow Security Operations (SecOps).
Experience integrating ServiceNow with SIEM, SOAR, and Threat Intelligence platforms.
Strong knowledge of ITSM (Incident, Change and Problem Management).
Experience designing and automating security workflows and incident response processes.
Strong dashboard, reporting and analytics capabilities within ServiceNow.
Excellent stakeholder management, documentation and knowledge transfer skills.
ServiceNow SIR/SecOps certifications are desirable.
This is an opportunity to work on a high-profile cyber security programme where you'll have a direct impact on strengthening incident response capability, improving automation and helping shape the future Security Operations environment