ServiceNow Vulnerability Response Specialist
Contract: Initial 3 months (Inside IR35)
Location: Fully remote
Rate: Competitive (Inside IR35)
The Opportunity
A large, highly regulated organisation operating critical national services is seeking an experienced ServiceNow Vulnerability Response Specialist to stabilise and optimise its vulnerability management capability.
This is a hands-on contract role focused on reducing vulnerability noise, improving ownership and accountability, and ensuring ServiceNow VR is the single system of record. You will also re-engineer processes supporting Tenable ASM to improve visibility and control of external exposure.
The engagement has a clear outcome: leave behind a stable, well-documented, and sustainable operating model within three months.
What You’ll Be Doing
* Operating and optimising day-to-day vulnerability management within ServiceNow Vulnerability Response
* Cleaning up vulnerability grouping and assignment logic; eliminating orphaned tickets and unclear ownership
* Identifying workflow breakdowns and implementing automation to improve efficiency
* Building and refining dashboards for remediation teams, security leadership, and risk stakeholders
* Ensuring SLA breaches and aged vulnerabilities are visible to the right teams
* Configuring ServiceNow workspaces and integrations to surface Tenable scanning health
* Re-configuring and operationalising Tenable ASM to manage external attack surface exposure
* Creating scan failure alerts and automated investigation tickets in ServiceNow
* Clearly documenting processes, configurations, and operating procedures
What We’re Looking For
* Strong hands-on experience with ServiceNow Vulnerability Response
* Proven experience stabilising and improving existing VR implementations (not greenfield)
* Experience integrating Tenable (including ASM) with ServiceNow
* Solid understanding of vulnerability management processes, SLAs, and remediation workflows
* Experience building ServiceNow dashboards, workflows, and automations
* Comfortable working in regulated or critical-services environments
* Strong documentation and stakeholder communication skills