- SKILLS / EXPERIENCE REQUIRED
Please find below the criteria for the expected resource:
- 8+ years’ working experience in ServiceNow.
- 5+ years’ working experience in ServiceNow SecOps VR.
- Previous working experience in implementing ServiceNow SecOps VR for at least one customer with 50K+ systems.
- Expert knowledge on the internals of the ServiceNow platform.
- Proficient skills in developing customized scripts inside ServiceNow.
- Proficient skills in using APIs of security tools (e.g., Rapid7 InsightAppSec and Prisma Cloud) for data retrieval and setting up integration with ServiceNow.
- 3+ years of hands-on experience developing and maintaining multiple ServiceNow instances
- Knowledge and previous experience in implementing ServiceNow ITSM and ITOM is desirable.
- Knowledge of information security concepts is desirable.
The scope of work that a vendor is expected to perform include:
- Integrate ServiceNow SecOps VR with WBG Vulnerability Scanning tools in different environments including Production.
- Import vulnerability scan findings from WBG Vulnerability Scanning tools to ServiceNow SecOps VR
- Implement the WBG Vulnerability Risk Assessment Framework in ServiceNow SecOps VR.
- Implement workflows that are consistent with WBG Threat and Vulnerability Management (TVM) processes and procedures in ServiceNow SecOps VR.
- Provide trainings on ServiceNow SecOps VR to different groups in WBG.
- Upgrade ServiceNow applications that are related to ServiceNow SecOps VR, including major releases, minor releases, and patch releases.
- Provide semi-annual presentations on new ServiceNow releases and highlight new features and applications that are related to ServiceNow SecOps VR.
- When there is any change in WBG TVM process/procedure, identify the relevant native/customized components that need to be updated accordingly and complete the implementation so that it is consistent with the new WBG Vulnerability Management process/procedure.