ServiceNow is hiring a

Staff Security Incident Remediation Analyst

Atlanta, United States
Full-Time

The ServiceNow Security Organization (SSO) delivers world-class, innovative security solutions to reduce risk and protect the company and our customers. We enable our customers to migrate their most sensitive data and workloads to the cloud, accelerating our business so that we are the most trusted SaaS provider. We create an environment where our employees are proud to work and can make a positive impact    

ServiceNow’s Security Incident Command (SIC) team is seeking an experienced Business System Analyst (BSA) with experience in the information security domain to improve our post-incident Recovery lifecycle.  

This is a new role and new position. This role provides an opportunity for a very large impact by directly enabling the improvement of the state of ServiceNow’s security for the whole company and our customers. 

 

About the SIC team 

The SIC team maintains and executes the Major Security Incidents (MSI) lifecycle within ServiceNow, including Preparation, Response, and Recovery. MSIs are our most challenging and impactful security incidents which pose active or heightened risk to the company and/or our customers. 

Key value areas are preparing the company for MSIs through tabletop exercises (TTX), coordination of activity between many response workstream partners, tracking key MSI metrics and facts to keep everyone oriented, and communicating status, milestones, blockers, and critical decisions needed to senior management and executive stakeholders, including the CISO. 

A Note on Industry Equivalent Roles and Terms 

Similar terms for this role and the functions the SIC team serves can include Major Incident Management, Security Crisis Management, Crisis Lead, Problem Management and SSIRP. 

 

What you get to do in this role 

  • Establish, maintain, and evolve documentation and processes governing MSI Recovery activity. 

  • Document all Recovery findings. Employ data analysis skills to interpret incident data and generate actionable insights. 

  • Meet with stakeholders and owners of Recovery findings to agree on a path forward for resolution. 

  • Serve as a key point of contact for all Recovery item owners. 

  • Track the status of each Recovery item, ensuring accountability and progress towards resolution. 

  • Report regularly on the status and milestones of Recovery items to senior management and executive stakeholders  

  • Collaborate effectively with cross-functional teams to ensure cohesive Recovery item resolution strategies and implementations. 

  • Develop and maintain strong communication channels across the organization to facilitate timely and clear information sharing. 

  • Serve as a key driver to tangibly and meaningfully improve the security of the ServiceNow platform, our infrastructure, and the many ways our customers use the platform.  

A successful candidate will have: 

  • 8+ years of experience as a Business System Analyst or similar role. 

  • High motivation to own and drive change. This is a key role with critical importance. 

  • Excellent demonstrable oral and written communication skills. 

  • Experience developing and maintaining business process documentation. 

  • Experience maintaining and improving large complex datasets with meticulous detail. 

  • Experience communicating with an executive audience. 

  • Experience in incident response at a global company. 

  • Familiarity with the security incident response lifecycle. 

 

Nice to haves, but not required 

  • Experience within the application security domain, particularly hyperscale hosted software-as-a-service (SaaS) applications. 

  • Demonstrable experience driving change in a complex organization. 

  • Experience managing security incidents. 

  • Familiarity with cybersecurity frameworks (e.g., MITRE ATT&CK). 

  • Working understanding of the Agile framework. 

  • Knowledge across multiple security domains (e.g., security engineering, security architecture, security governance). 

 

#SecurityJobs 

 

Work Personas

We approach our distributed world of work with flexibility and trust. Work personas (flexible, remote, or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work. Learn more here.

Equal Opportunity Employer

ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status, or any other category protected by law. In addition, all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements. 

Accommodations

We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process, or are unable to use this online application and need an alternative method to apply, please contact [email protected] for assistance. 

Export Control Regulations

For positions requiring access to controlled technology subject to export control regulations, including the U.S. Export Administration Regulations (EAR), ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities. 

From Fortune. ©2024 Fortune Media IP Limited. All rights reserved. Used under license. 

Apply for this job

Please mention you found this job on AI Jobs. It helps us get more startups to hire on our site. Thanks and good luck!

Get hired quicker

Be the first to apply. Receive an email whenever similar jobs are posted.

Ace your job interview

Understand the required skills and qualifications, anticipate the questions you may be asked, and study well-prepared answers using our sample responses.

Analyst Q&A's
Report this job
Apply for this job