ServiceNow SecOps Manager

• Security Strategy & Compliance
• Define and enforce compliance to security policies, standards, and best practices for the ServiceNow platform in alignment with ServiceNow recommended Platform security shared responsibility model.
• Ensure service now platform is compliant with internal and external infosec requirements and industry best practices
• Establish governance frameworks for secure development, data protection, and risk mitigation.
• Access Control, Authentication, and authorization
• -Design and manage role-based access control (RBAC), ACLs, and authentication mechanisms in ServiceNow.
• Responsible for Single Sign-On (SSO), Multi-Factor Authentication (MFA), and enterprise IAM solutions based on Infosec standard
• Regular review of access control & entitlement based on the job function and refinement using the principle of least privilege,
• Security Operations & Incident Management
• Oversee the implementation and optimization of ServiceNow Security Operations (SecOps), including:
• Security Incident Response (SIR) - streamline incident detection, triage, and resolution.
• Vulnerability Response (VR) - automate vulnerability identification and remediation workflows.
• Threat Intelligence - integrate threat feeds and security insights for proactive defense.
• Coordinate with cybersecurity teams to detect, investigate, and respond to threats affecting ServiceNow.
• Data Privacy, Security & Encryption
• Defining Service Now data classification, data retention & data discovery strategy in alignment with Ameriprise data management policies /standards
• Implement data encryption strategy at rest, in transit & encryption key management Determining the data collection, storage, usage, sharing, archiving, and destruction policy of data processed in ServiceNow instances.
• Monitor access patterns and system activity to identify potential security threats.
• Secure Integrations & Automation
• Design and enforce secure API management for integrations between ServiceNow and third-party security tools (e.g., Active Directory, CyberArk and Aveksa, Azure AD, RIM, IAM).
• Leverage IntegrationHub, Automation Engine, and Orchestration to streamline security workflows.
• Ensure secure data exchange and prevent unauthorized access to ServiceNow instances.
• Risk & Compliance Management
• Deploy and manage ServiceNow Governance, Risk, and Compliance (GRC) solutions to assess security risks.
• Participate regular security audits, risk assessments, and penetration tests on the ServiceNow platform.
• Define and implement security controls to mitigate risks and enhance compliance.

• ServiceNow Security: Deep understanding of SecOps, GRC, RBAC, ACLs, and platform security best practices.
• Cybersecurity & Compliance: Strong knowledge of security frameworks (NIST, ISO 27001, CIS), regulatory compliance, and risk management.
• Integration & Development: Experience with REST APIs, JavaScript, OAuth, and secure integration practices.
• Cloud Security: Understanding of SaaS security, encryption methods, and cloud-based security models.

• ServiceNow Certifications:
• Certified System Administrator (CSA)
• Certified Implementation Specialist - SIR or VR

• Experience securing large-scale ServiceNow implementations in regulated industries (finance, healthcare, government).
• Strong problem-solving, analytical, and communication skills to interact with technical and non-technical stakeholders.
• Knowledge of emerging security trends, zero trust architecture, and AI-driven security solutions.
• Cybersecurity Certifications
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)

• 14-18 years of IT security experience, with 14+ years in ServiceNow security architecture, administration, or operations.
• Hands-on experience in security automation, incident response, and risk management using ServiceNow.
• Prior experience working with cybersecurity, risk management, and IT governance teams.

Zensar