Overview
Remote
On Site
Full Time
Skills
Artificial intelligence
SSO
Cloud computing
Business analysis
Information security
IMPACT
Metrics
Crisis management
Leadership
Problem management
MSI
Data Analysis
Data
Accountability
Reporting
Collaboration
Recovery
Business systems
Motivation
Communication
Business process
Documentation
Incident management
Software security
SaaS
Management
Cyber security
Agile
Security engineering
Security architecture
Information security governance
Personas
Law
Legal
ServiceNow
Media
Intellectual property
IP
Job Details
Company Description
It all started in sunny San Diego, California in 2004 when a visionary engineer, Fred Luddy, saw the potential to transform how we work. Fast forward to today - ServiceNow stands as a global market leader, bringing innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500 . Our intelligent cloud-based platform seamlessly connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work. But this is just the beginning of our journey. Join us as we pursue our purpose to make the world work better for everyone.
Job Description
The ServiceNow Security Organization (SSO) delivers world-class, innovative security solutions to reduce risk and protect the company and our customers. We enable our customers to migrate their most sensitive data and workloads to the cloud, accelerating our business so that we are the most trusted SaaS provider. We create an environment where our employees are proud to work and can make a positive impact
ServiceNow's Security Incident Command (SIC) team is seeking an experienced Business System Analyst (BSA) with experience in the information security domain to improve our post-incident Recovery lifecycle.
This is a new role and new position. This role provides an opportunity for a very large impact by directly enabling the improvement of the state of ServiceNow's security for the whole company and our customers.
About the SIC team
The SIC team maintains and executes the Major Security Incidents (MSI) lifecycle within ServiceNow, including Preparation, Response, and Recovery. MSIs are our most challenging and impactful security incidents which pose active or heightened risk to the company and/or our customers.
Key value areas are preparing the company for MSIs through tabletop exercises (TTX), coordination of activity between many response workstream partners, tracking key MSI metrics and facts to keep everyone oriented, and communicating status, milestones, blockers, and critical decisions needed to senior management and executive stakeholders, including the CISO.
A Note on Industry Equivalent Roles and Terms
Similar terms for this role and the functions the SIC team serves can include Major Incident Management, Security Crisis Management, Crisis Lead, Problem Management and SSIRP.
What you get to do in this role
Qualifications
A successful candidate will have:
Nice to haves, but not required
#SecurityJobs
Additional Information
Work Personas
We approach our distributed world of work with flexibility and trust. Work personas (flexible, remote, or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work. Learn more here .
Equal Opportunity Employer
ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status, or any other category protected by law. In addition, all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements.
Accommodations
We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process, or are unable to use this online application and need an alternative method to apply, please contact for assistance.
Export Control Regulations
For positions requiring access to controlled technology subject to export control regulations, including the U.S. Export Administration Regulations (EAR), ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities.
From Fortune. 2024 Fortune Media IP Limited. All rights reserved. Used under license.
It all started in sunny San Diego, California in 2004 when a visionary engineer, Fred Luddy, saw the potential to transform how we work. Fast forward to today - ServiceNow stands as a global market leader, bringing innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500 . Our intelligent cloud-based platform seamlessly connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work. But this is just the beginning of our journey. Join us as we pursue our purpose to make the world work better for everyone.
Job Description
The ServiceNow Security Organization (SSO) delivers world-class, innovative security solutions to reduce risk and protect the company and our customers. We enable our customers to migrate their most sensitive data and workloads to the cloud, accelerating our business so that we are the most trusted SaaS provider. We create an environment where our employees are proud to work and can make a positive impact
ServiceNow's Security Incident Command (SIC) team is seeking an experienced Business System Analyst (BSA) with experience in the information security domain to improve our post-incident Recovery lifecycle.
This is a new role and new position. This role provides an opportunity for a very large impact by directly enabling the improvement of the state of ServiceNow's security for the whole company and our customers.
About the SIC team
The SIC team maintains and executes the Major Security Incidents (MSI) lifecycle within ServiceNow, including Preparation, Response, and Recovery. MSIs are our most challenging and impactful security incidents which pose active or heightened risk to the company and/or our customers.
Key value areas are preparing the company for MSIs through tabletop exercises (TTX), coordination of activity between many response workstream partners, tracking key MSI metrics and facts to keep everyone oriented, and communicating status, milestones, blockers, and critical decisions needed to senior management and executive stakeholders, including the CISO.
A Note on Industry Equivalent Roles and Terms
Similar terms for this role and the functions the SIC team serves can include Major Incident Management, Security Crisis Management, Crisis Lead, Problem Management and SSIRP.
What you get to do in this role
- Establish, maintain, and evolve documentation and processes governing MSI Recovery activity.
- Document all Recovery findings. Employ data analysis skills to interpret incident data and generate actionable insights.
- Meet with stakeholders and owners of Recovery findings to agree on a path forward for resolution.
- Serve as a key point of contact for all Recovery item owners.
- Track the status of each Recovery item, ensuring accountability and progress towards resolution.
- Report regularly on the status and milestones of Recovery items to senior management and executive stakeholders
- Collaborate effectively with cross-functional teams to ensure cohesive Recovery item resolution strategies and implementations.
- Develop and maintain strong communication channels across the organization to facilitate timely and clear information sharing.
- Serve as a key driver to tangibly and meaningfully improve the security of the ServiceNow platform, our infrastructure, and the many ways our customers use the platform.
Qualifications
A successful candidate will have:
- 8+ years of experience as a Business System Analyst or similar role.
- High motivation to own and drive change. This is a key role with critical importance.
- Excellent demonstrable oral and written communication skills.
- Experience developing and maintaining business process documentation.
- Experience maintaining and improving large complex datasets with meticulous detail.
- Experience communicating with an executive audience.
- Experience in incident response at a global company.
- Familiarity with the security incident response lifecycle.
Nice to haves, but not required
- Experience within the application security domain, particularly hyperscale hosted software-as-a-service (SaaS) applications.
- Demonstrable experience driving change in a complex organization.
- Experience managing security incidents.
- Familiarity with cybersecurity frameworks (e.g., MITRE ATT&CK).
- Working understanding of the Agile framework.
- Knowledge across multiple security domains (e.g., security engineering, security architecture, security governance).
#SecurityJobs
Additional Information
Work Personas
We approach our distributed world of work with flexibility and trust. Work personas (flexible, remote, or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work. Learn more here .
Equal Opportunity Employer
ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status, or any other category protected by law. In addition, all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements.
Accommodations
We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process, or are unable to use this online application and need an alternative method to apply, please contact for assistance.
Export Control Regulations
For positions requiring access to controlled technology subject to export control regulations, including the U.S. Export Administration Regulations (EAR), ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities.
From Fortune. 2024 Fortune Media IP Limited. All rights reserved. Used under license.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.