Who We’re Looking For (Position Overview):
Spry Methods is seeking an experienced Security Specialist to lead the security, compliance, and governance of our ServiceNow (SNOW) platform. This role is responsible for defining and implementing security policies, managing user access controls, ensuring compliance with regulatory requirements, and establishing security best practices across all ServiceNow applications and modules. The ideal candidate will have deep expertise in ServiceNow security architecture, identity and access management, and information security principles, combined with strong leadership and risk management capabilities.
What Your Day-To-Day Looks Like (Position Responsibilities):
The SNOW Security Specialist will serve as the primary security authority for the ServiceNow platform, working closely with IT Security, Compliance, Development, and Business teams to ensure the platform is secure, compliant, and aligned with organizational security standards. This individual will be responsible for managing security configurations, conducting security assessments, and providing security guidance for all ServiceNow initiatives. Principal responsibilities include but are not limited to:
Design, implement, and maintain comprehensive security architecture for the ServiceNow platform
Define and enforce security policies, configurations, standards, and procedures for ServiceNow applications and data
Create and maintain security documentation, including Access Control Lists (ACLs), roles, groups, and user permissions across all ServiceNow modules
Conduct regular security assessments, audits, and vulnerability analyses of the ServiceNow platform
Implement and maintain security compliance controls for regulatory requirements (SOX, HIPAA, GDPR, PCI-DSS, etc.)
Develop and maintain role-based access control (RBAC) frameworks and security models
Monitor and investigate security incidents, access violations, and anomalous activities
Collaborate with development teams to ensure secure coding practices and security by design
Manage ServiceNow Single Sign-On (SSO), multi-factor authentication (MFA), and identity integration
Lead security aspects of ServiceNow upgrades, patches, and platform changes
Provide security guidance and training to ServiceNow administrators and developers
Manage third-party integrations and API security configurations
Coordinate with internal and external auditors for ServiceNow security reviews
Stay current with ServiceNow security features, vulnerabilities, and industry best practices
Participate in incident response and disaster recovery planning for the ServiceNow platform
Generate security reports and metrics for leadership and compliance purposes
Build and maintain strong relationships with business leaders and key stakeholders
Support change management activities related to ServiceNow implementation
What You Need to Succeed (Minimum Requirements):
Bachelor's degree in Business Administration, Management, Computer Science, Engineering, or related field
Minimum 5-7 years of experience in information security, with at least 3-5 years focused on ServiceNow security
Proven experience implementing and managing ServiceNow security controls and access management
Experience with ServiceNow platform administration and configuration
Strong understanding of security frameworks and compliance requirements (ISO 27001, NIST, CIS Controls)
Experience conducting security assessments and managing security incidents
Track record of implementing security best practices in enterprise environments
Must hold at least one of the following certifications:
o Certified Information Systems Security Professional (CISSP) certification
o Certified Information Security Manager (CISM) certification
o Certified Information Systems Auditor (CISA) certification
o Certified Ethical Hacker (CEH) or other relevant security certification
Expert knowledge of ServiceNow security architecture and security controls
Deep understanding of ServiceNow ACLs, roles, groups, and security rule configurations
Proficiency in ServiceNow security modules (Security Operations, Vulnerability Response, Threat Intelligence) or other similar security tools
Strong knowledge of identity and access management (IAM) principles and technologies
Experience with ServiceNow authentication methods (SSO, SAML, OAuth, LDAP, Active Directory)
Understanding of encryption technologies and data protection mechanisms
Knowledge of network, cloud, & application security logging, monitoring, and SIEM integration
Experience with security audits, security assessments, vulnerability scanning, & compliance reporting
Understanding of API security and secure integration patterns
Knowledge of ServiceNow scripting for security implementations (JavaScript, Business Rules, Script Includes)
Excellent problem-solving, analytical, risk assessment, and critical thinking skills with ability to anticipate security threats and trends
Outstanding communication skills with ability to explain security concepts to technical and non-technical audiences
Ability to balance security requirements with business needs and usability
Customer service mindset with focus on Stakeholder management and collaboration skills
Self-motivated with ability to work with moderate supervision
Ideally, You Also Have (Preferred Qualifications):
Master's degree in Information Security, Cybersecurity, or related field
Additional ServiceNow certifications (Implementation Specialist, Mainline Specialist)
Experience managing security teams or programs
Background in security consulting or advisory roles
Strong presentation and training delivery skills
Experience with security awareness program development
Knowledge of privacy regulations and data protection laws
Change management and security culture transformation experience
#CJ
