ServiceNow Vulnerability Response Engineer
Sixgeninc · Northern Virginia · Posted Jul 3, 2026
Apply on company site Track it in JobSkout
Job Title: ServiceNow Vulnerability Response Engineer
Position Summary
The ServiceNow Vulnerability Response (VR) Engineer is responsible for designing, implementing, and optimizing the Bureau's Enterprise Vulnerability Management Program (VMP) through the ServiceNow Security Operations platform. This role supports the engineering and enhancement of the Vulnerability Response (VR) application, integrating vulnerability data sources, automating remediation workflows, and improving enterprise vulnerability reporting.
The ideal candidate possesses deep experience with ServiceNow Security Operations, particularly the Vulnerability Response (VR) module, and understands how vulnerability management integrates with Security Incident Response (SIR), Governance, Risk, and Compliance (GRC), Configuration Management Database (CMDB), and enterprise security operations. This individual will collaborate with cybersecurity, infrastructure, application, and business stakeholders to ensure vulnerabilities are prioritized, tracked, remediated, and reported effectively using risk-based methodologies and automation.
Key Responsibilities
ServiceNow Vulnerability Response Engineering
Configure, administer, and enhance the ServiceNow Vulnerability Response (VR) application within the ServiceNow Security Operations platform.
Design and implement workflows that improve vulnerability identification, prioritization, assignment, remediation, and reporting.
Develop and maintain integrations between ServiceNow VR and enterprise vulnerability scanning platforms.
Configure business rules, workflows, forms, notifications, dashboards, and reporting to support vulnerability management operations.
Continuously improve platform functionality to increase operational efficiency and automation.
Enterprise Vulnerability Management
Support the organization's Enterprise Vulnerability Management Program (VMP) by improving vulnerability lifecycle management.
Integrate vulnerability findings from multiple scanning tools into ServiceNow to provide centralized visibility and workflow management.
Support risk-based vulnerability prioritization based on exploitability, business criticality, asset value, and operational impact.
Collaborate with remediation teams to ensure vulnerabilities are tracked through closure and validated appropriately.
Develop vulnerability reporting metrics and executive dashboards supporting organizational risk management.
Security Operations GRC Integration
Support integration between ServiceNow Vulnerability Response (VR), Security Incident Response (SIR), Governance, Risk, and Compliance (GRC), CMDB, and other ServiceNow modules.
Coordinate with Security Operations, Risk Management, Compliance, and Infrastructure teams to improve operational workflows.
Ensure vulnerability management processes align with enterprise governance and cybersecurity policies.
Assist in documenting vulnerability management procedures and operational processes.
Automation AI
Implement automation capabilities that improve vulnerability ingestion, enrichment, prioritization, and remediation workflows.
Utilize AI-enabled capabilities to identify high-risk vulnerabilities based on exploitability, threat intelligence, and business impact.
Research emerging automation and AI technologies that improve vulnerability management effectiveness and scalability.
Recommend workflow improvements that reduce manual effort and accelerate remediation activities.
Reporting Continuous Improvement
Develop executive-level vulnerability reporting, operational dashboards, and compliance metrics.
Monitor program performance and recommend enhancements to vulnerability management processes.
Analyze trends to identify recurring weaknesses and opportunities to improve organizational security posture.
Maintain documentation supporting platform configuration, integrations, workflows, and operational procedures.
Required Qualifications
Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Engineering, or a related field.
5+ years of experience supporting enterprise Vulnerability Management Programs.
Extensive hands-on experience with:
ServiceNow Security Operations
ServiceNow Vulnerability Response (VR)
ServiceNow Security Incident Response (SIR)
ServiceNow Governance, Risk, and Compliance (GRC)
Experience integrating enterprise vulnerability scanners (such as Tenable, Qualys, Rapid7, or Microsoft Defender Vulnerability Management) with ServiceNow.
Strong understanding of vulnerability lifecycle management, remediation workflows, and risk-based prioritization.
Experience configuring ServiceNow workflows, dashboards, reporting, business rules, and automation.
Knowledge of vulnerability scoring methodologies, including CVSS, exploitability metrics, and business impact analysis.
Strong understanding of enterprise cybersecurity operations and vulnerability management best practices.
Excellent analytical, troubleshootin…