ServiceNow Cloud Security Compliance Engineer

RESPONSIBILITIES:Kforce has a client that is seeking a ServiceNow Cloud Security Compliance Engineer in Anchorage, AK.Key Tasks: ServiceNow Cloud Security Compliance Engineer will perform security operations, and all required ongoing security monitoring Monitor, detect and investigate for potential unauthorized changes/incidents and potential privacy incidents to ServiceNow services, reporting to the ISSO, System Owner, and other stakeholders as required by organizational policy Provide support to Service Desk for security incidents (tickets) to resolution As a ServiceNow Cloud Security Compliance Engineer, you will produce and brief leadership on the state and results of security monitoring and incident response to include security risk posture Perform analysis of apps, scripts, APIs, and connections to determine those that can be trusted, restricted, or banned in accordance with established policy Perform security impact assessment for Change Requests (CR) Develop/Maintain the Security Procedure Guides to keep pace with changes to each cloud platform ServiceNow Cloud Security Compliance Engineers maintain Incident Response Plan and Procedures to address changes to the environment, new policy, process improvement, and addition of new cloud services Support the Review of audit logs, Account management, Incident response, Operations support; Assist with change requestsPerform initial and Re-authorizations ATO Packages for ServiceNow included but not limited to: Contingency Plan Incident Response Plan System Security Plan Plan of Actions and Milestones Control Responses Privacy Impact Assessment Risk AssessmentREQUIREMENTS: ITIL v4 certification 3+ years of professional experience in cybersecurity compliance and RMF (Steps 0-6) Experience in multi-cloud and hybrid implementation with the use of ServiceNow Mid Servers Awareness of security-related best practices/principles for ServiceNow Experience designing and executing cloud application security evaluations Experience leading the effort for a cloud application through the entire A&A process aligned to RMF Steps 0 to 6 Application security testing techniques, using automated tools and manual testing Discovery of application security weaknesses and writing recommendations for remediation and prevention Experience with Xacta or similar governance tool Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified informationDesired Skills, Experience, and Certifications: Experience with application vulnerability assessment/penetration testing is desired Code review and application development skills are a definite plus Understanding experience performing or experience implementing DevSecOps Knowledge of the SDLC and experience working with development teamsKforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.