Business Title: ServiceNow SecOps Technical Product Owner - Remote
Requisition Number: 111113 - 67 ... Function: Business Support Services
Area of Interest:
State: NY
City: Melville
Description:
Known for being a great place to work and build a career, KPMG provides audit, tax and advisory services for organizations in today's most important industries. Our growth is driven by delivering real results for our clients. It's also enabled by our culture, which encourages individual development, embraces an inclusive environment, rewards innovative excellence and supports our communities. With qualities like those, it's no wonder we're consistently ranked among the best companies to work for by Fortune Magazine, Consulting Magazine, Working Mother Magazine, Diversity Inc. and others. If you're as passionate about your future as we are, join our team.
KPMG is currently seeking a ServiceNow SecOps Technical Product Owner to join our Digital Nexus organization. This is a remote work opportunity.
Responsibilities:
β’ Lead the responsibilities of a Product Owner including customer consultations, understanding ServiceNow configuration, development of stories based on user requirements into a product backlog and into an Agile Team for delivery
β’ Work as a Trusted Advisory and subject matter expert in ServiceNow SecOps and Products including but not limited to Vulnerability Response, Security Incident Response, Cloud Security Posture, Threat Intelligence, Risk, Configuration Compliance, Performance Analytics for SecOps, Event Management and DLP Incident Response, BCM Product Lines
β’ Define and maintain product requirements for current delivery and future planned releases based on the product roadmaps; provide configuration compliance and design, service aware risk scoring, integration with controls baselines from GRC controls universe; setup views of configuration tests, security baselines, CIS benchmarks for servers and other assets), remediation status reporting, tracking against individual configuration tests, risk scoring calculations, remediations and remediation status of failed test results
β’ Build remediation processes and workflows for Vulnerability Response and Configuration Compliance; start from SNOW OOB instance, requirement gathering and then customize the instance as per Client need; lead ServiceNow implementation projects and oversee architectural design, while working directly with Cybersecurity Leadership, Technology Risk, IT, and business to ensure project delivery is on track
β’ Requirements gathering, Agile User Stories, technical design, sprint sessions, testing, UAT and deployment; conduct quarterly planning and program increment roadmaps
β’ Provide guidance to developers on ServiceNow configuration; conduct final QA reviews of all ServiceNow deliverables
Qualifications:
β’ Minimum five years of recent experience in ServiceNow System Administration; design configuration, implementation, administration, List/Form/Navigation Updates, Workflows, Instance Patch Management, Creating Tables, Fields; Experience with Agile software development and Scrum, SAFe, and Kanban methodologies; ServiceNow integration, automation, and workflows experience
β’ Bachelor's degree from an accredited college or university is preferred; Certifications in one or more of the following is desired: Certified ServiceNow Administrator, Application Developer, Implementation Specialist (CSA, CAD, CIS); Certified Implementation Specialist - Vulnerability Response; Certified Implementation Specialist - Configuration Compliance; Industry Security CISM, CISSP, CRISC
β’ Advanced functional and technical understanding of the ServiceNow Security Ops (VR, CC, SIR, TI); Vulnerability Management familiarity (Scanning, threat intelligence (NVD CVE, MITRE CWE), patch deployment, remediation tracking, CMDB enrichment, and risk reporting
β’ Experience with current industry standard security ServiceNow data integrations such as Qualys, CrowdStrike, Sentinel, Microsoft Security, Proofpoint and more, servers (internal and external) and endpoints, BigFix Inventory spoke, SIEM, CVE, Threat Intelligence, CMDB. Synchronize with security scanning and updating data; Configuration Compliance familiarity (Scanning, testing, benchmarks, scoring, remediation tracking); Familiarity with security frameworks such as CIS, NIST CSF, NIST 800-53, ISO, HIPAA, PCI; Familiarity with Unified Controls Framework (UCF) and mapping to common controls
β’ Experience with creation and modification of various Access Controls (ACL's), Business Rules, Scripting, Ajax Query, Glide Scripting, Jelly Scripts, Java Scripting, UI Policies; experience with Service Portals (Widgets, Server Scripting, Client Scripting, JavaScript, HTML, CSS, SQL, Portal Configuration); ServiceNow version Upgrade experience; Utah, Tokyo, San Diego, Rome, Quebec, Paris, Orlando
β’ Strong process development, facilitating requirements for SNOW implementations experience; great communication skills, team player, drives processes and takes active ownership of deliverables; ability to present to all levels of the organization including Senior Executives, Business Partners and key stakeholders across the organization
KPMG complies with all local/state regulations regarding displaying salary ranges. If required, the ranges displayed below or via the URL below are specifically for those potential hires who will work in the location(s) listed. Any offered salary is determined based on relevant factors such as applicant's skills, job responsibilities, prior relevant experience, certain degrees and certifications and market considerations. In addition, the firm is proud to offer a comprehensive, competitive benefits package, with options designed to help you make the best decisions for yourself, your family, and your lifestyle. Available benefits are based on eligibility. Our Total Rewards package includes a variety of medical and dental plans, vision coverage, disability and life insurance, 401(k) plans, and a robust suite of personal well-being benefits to support your mental health. Depending on job classification, standard work hours, and years of service, KPMG provides Personal Time Off per fiscal year. Additionally, each year the firm publishes a calendar of holidays to be observed during the year and provides two firmwide breaks each year where employees will not be required to use Personal Time Off; one is at year end and the other is around the July 4th holiday. Additional details about our benefits can be found towards the bottom of our KPMG US Careers site at 'Benefits & How We Work (https://www.kpmguscareers.com/why-kpmg/#benefits) '.
Follow this link to obtain salary ranges by city outside of CA: https://www.kpmg.us/work-for-kpmg/pay-transparency.html/?id=6705-9
KPMG LLP (the U.S. member firm of KPMG International) offers a comprehensive compensation and benefits package. KPMG is an affirmative action-equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The attached link ( https://assets.kpmg.com/content/dam/kpmg/us/pdf/2018/09/eeo.pdf) contains further information regarding the firm's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please.
KPMG recruits on a rolling basis. Candidates are considered as they apply, until the opportunity is filled. Candidates are encouraged to apply expeditiously to any role(s) for which they are qualified that is also of interest to them.
KPMG does not currently require partners or employees to be fully vaccinated or test negative for COVID-19 in order to go to KPMG offices, client sites or KPMG events, except when mandated by federal, state or local law. In some circumstances, clients also may require proof of vaccination or testing (e.g., to go to the client site).
GL: 4
GF: 15310