ServiceNow SecOps Lead

ServiceNow Security Lead is responsible for ensuring the security, compliance, and governance of the ServiceNow platform in conjunction with Service Now & Ameriprise platform security shared responsibility model. This role focuses on implementing security best practices, managing access controls, integrating security tools, and strengthening risk management processes. The Security Lead collaborates with IT, cybersecurity, and compliance teams to safeguard sensitive data, prevent unauthorized access, and enhance the platform’s overall security posture.

Key Responsibilities

• Security Strategy & Compliance 
• Define and enforce compliance to security policies, standards, and best practices for the ServiceNow platform in alignment with ServiceNow recommended Platform security shared responsibility model. 
• Ensure service now platform is compliant with internal and external infosec requirements and industry best practices
• Establish governance frameworks for secure development, data protection, and risk mitigation. 
• Access Control, Authentication, and authorization
• -Design and manage role-based access control (RBAC), ACLs, and authentication mechanisms in ServiceNow.
• Responsible for Single Sign-On (SSO), Multi-Factor Authentication (MFA), and enterprise IAM solutions based on Infosec standard
• Regular review of access control & entitlement based on the job function and refinement using the principle of least privilege,
• Security Operations & Incident Management 
• Oversee the implementation and optimization of ServiceNow Security Operations (SecOps), including: 
• Security Incident Response (SIR) – streamline incident detection, triage, and resolution. 
• Vulnerability Response (VR) – automate vulnerability identification and remediation workflows.
• Threat Intelligence – integrate threat feeds and security insights for proactive defense. 
• Coordinate with cybersecurity teams to detect, investigate, and respond to threats affecting ServiceNow.
• Data Privacy, Security & Encryption 
• Defining Service Now data classification, data retention & data discovery strategy in alignment with Ameriprise data management policies /standards
• Implement data encryption strategy at rest, in transit & encryption key management    Determining the data collection, storage, usage, sharing, archiving, and destruction policy of data processed in ServiceNow instances.
• Monitor access patterns and system activity to identify potential security threats.
• Secure Integrations & Automation 
• Design and enforce secure API management for integrations between ServiceNow and third-party security tools (e.g., Active Directory, CyberArk and Aveksa, Azure AD, RIM, IAM).
• Leverage IntegrationHub, Automation Engine, and Orchestration to streamline security workflows.
• Ensure secure data exchange and prevent unauthorized access to ServiceNow instances.
• Risk & Compliance Management 
• Deploy and manage ServiceNow Governance, Risk, and Compliance (GRC) solutions to assess security risks.
• Participate regular security audits, risk assessments, and penetration tests on the ServiceNow platform.
• Define and implement security controls to mitigate risks and enhance compliance.

Required Skills & Qualifications

Technical Expertise: 

• ServiceNow Security: Deep understanding of SecOps, GRC, RBAC, ACLs, and platform security best practices. 
• Cybersecurity & Compliance: Strong knowledge of security frameworks (NIST, ISO 27001, CIS), regulatory compliance, and risk management.
• Integration & Development: Experience with REST APIs, JavaScript, OAuth, and secure integration practices.
• Cloud Security: Understanding of SaaS security, encryption methods, and cloud-based security models.

 Certifications

• ServiceNow Certifications: 
• Certified System Administrator (CSA) 
• Certified Implementation Specialist – SIR or VR

   Preferred Qualifications:  

• Experience securing large-scale ServiceNow implementations in regulated industries (finance, healthcare, government).
• Strong problem-solving, analytical, and communication skills to interact with technical and non-technical stakeholders.
• Knowledge of emerging security trends, zero trust architecture, and AI-driven security solutions.
• Cybersecurity Certifications
• Certified Information Systems Security Professional (CISSP) 
• Certified Information Security Manager (CISM) 

 Experience Required:  

• 14-18 years of IT security experience, with 14+ years in ServiceNow security architecture, administration, or operations.
• Hands-on experience in security automation, incident response, and risk management using ServiceNow.  
• Prior experience working with cybersecurity, risk management, and IT governance teams.

About Our Company
Ameriprise India LLP has been providing client based financial solutions to help clients plan and achieve their financial objectives for 125 years. We are a U.S. based financial planning company headquartered in Minneapolis with a global presence. The firm’s focus areas include Asset Management and Advice, Retirement Planning and Insurance Protection. Be part of an inclusive, collaborative culture that rewards you for your contributions and work with other talented individuals who share your passion for doing great work. You’ll also have plenty of opportunities to make your mark at the office and a difference in your community. So if you're talented, driven and want to work for a strong ethical company that cares, take the next step and create a career at Ameriprise India LLP.

Ameriprise India LLP is an equal opportunity employer. We consider all qualified applicants without regard to race, color, religion, sex, genetic information, age, sexual orientation, gender identity, disability, veteran status, marital status, family status or any other basis prohibited by law.

Full-Time/Part-Time

Full time

Timings

(2:00p-10:30p)

India Business Unit

AWMPO AWMP&S President's Office

Job Family Group

Technology