Systems Engineer ServiceNow Level 5

Why Argo Cyber Systems

At Argo, you'll be part of a mission-driven, veteran-founded cybersecurity team protecting America's most critical systems. We combine hands-on technical excellence with operational precision to outpace the threat. Join us to defend, detect, and innovate at the cyber edge.

Argo Cyber is supporting a U.S. Government customer on a mission-critical cyber operations program. We are seeking a ServiceNow SecOps Business Process / Technical Consultant to design, develop, and implement ServiceNow Security Operations (SecOps) solutions that enhance the customer's ability to detect, respond, and remediate security threats. This hybrid role combines ServiceNow SecOps development, integration engineering, and process consulting. The ideal candidate will work directly with security stakeholders, translate mission requirements into technical designs, and deliver scalable, secure, and automated SecOps capabilities within the ServiceNow platform.

Responsibilities Include: Designing, prototyping, and implementing ServiceNow SecOps applications, including: o Security Incident Response (SIR): enrichment, correlation rules, and automated playbooks. o Vulnerability Response (VR): scanner integrations, remediation workflows, patch group automation. o Configuration Compliance (CC): policy exception handling, remediation tasks, compliance dashboards. o Threat Intelligence (TI): ingestion of IOCs, sightings search, enrichment workflows. Supporting the customer's roadmap for Splunk integrations to enable alert ingestion, bi-directional incident synchronization, and SIEM dashboards. Developing custom integrations with SIEM, scanner, and intel tools (e.g., Splunk, Tenable, VirusTotal, Hybrid Analysis) using IntegrationHub, REST/SOAP APIs, and MID Server. Building and maintaining orchestration playbooks, Flow Designer workflows, Business Rules, and Script Includes to automate enrichment and response actions. Documenting and maintaining policies, procedures, and technical designs aligned with Agile development practices and secure coding standards. Leading workshops with SOC, IR, and VR teams to capture mission needs, define business requirements, and translate them into technical solutions. Creating and maintaining Performance Analytics dashboards and KPIs to provide real-time visibility into security posture. Supporting incident resolution, troubleshooting, and sustainment of the ServiceNow SecOps environment. Providing mentorship and knowledge transfer to client staff on best practices and solution sustainment.

Required Skills: U.S. Citizenship required. Must be able to obtain DHS program suitability and a TS/SCI clearance. 8+ years of software development, IT security, or IT systems engineering experience. Minimum 4+ years of ServiceNow experience, with at least 2+ years focused on SecOps applications (SIR, VR, CC, or TI). Strong knowledge of ServiceNow administration, advanced configuration, and custom application development. Experience integrating ServiceNow with SIEM, vulnerability scanners, and threat intelligence platforms. Hands-on experience with Flow Designer, Orchestration, IntegrationHub, and MID Server. Strong technical skills in web technologies (JavaScript, HTML, XML, Angular, CSS) and integration technologies (REST, SOAP, LDAP, SSO). Familiarity with federal cybersecurity frameworks (NIST 800-53, FedRAMP, CISA KEV, MITRE ATT&CK). Strong communication, presentation, and documentation skills for technical and business stakeholders.

Desired Skills: Experience supporting DHS, DoD, or Intelligence Community customers. Experience deploying future-state SecOps processes including incident triage, vulnerability management, compliance automation, and threat intel workflows. Familiarity with Splunk use cases for security operations and event correlation. Experience with collaboration tools (MS Teams, Outlook, SharePoint, Atlassian Jira/Confluence). Strong problem-solving, analytical, and consulting skills in complex security environments. Information Systems Security Engineering Professional (ISSEP) or Information System Security Architect Professional (ISSAP) certification desired.

Desired Certifications: ServiceNow Certified System Administrator (CSA). ServiceNow Certified Application Developer. ServiceNow Certified Implementation Specialist - SecOps (SIR, VR, or CC). ITIL v4 Foundation certification (or willingness to complete within one year). DoD 8570.1-M Compliance at IAT Level I (e.g., Certified Information Systems Security Professional (CISSP)) certification highly desired

Argo Cyber systems is an Equal Opportunity Employer!

Background & Drug Screening Disclaimer

© Argo Cyber Systems, LLC – All Rights Reserved

Argo Cyber Systems, LLC is committed to maintaining a safe, secure, and trusted workplace for all employees and our federal clients. Employment with Argo Cyber Systems is contingent upon successful completion of all required background investigations and pre-employment screenings, which may include, but are not limited to:

• Criminal background checks (federal, state, and local)
• Employment and education verification
• Reference checks
• Drug screening (in compliance with federal and state law)
• Security clearance verification (as applicable for classified positions)

Candidates selected for employment in positions requiring access to sensitive or classified information may also be subject to additional U.S. Government background investigations and security adjudication processes, including DHS Entry on Duty (EOD) suitability or equivalent federal clearance requirements.

Argo Cyber Systems reserves the right to disqualify or rescind an offer of employment based on the results of any background or screening process that, in the company's judgment, may impact an individual's ability to perform essential job functions or meet contractual obligations.

All background investigations and screenings are conducted in accordance with applicable federal, state, and local laws, including the Fair Credit Reporting Act (FCRA). Candidates will be notified of their rights and provided an opportunity to review and dispute any adverse findings before final employment determinations are made.