Staff Product Security Engineer | Secure Configuration
About The Position
PLEASE NOTE This role requires a minimum of 2 days in the San Diego, Kirkland, WA or the Chicago, IL ServiceNow Offices. If you can not meet this requirement, we ask that you please no not apply. Thank you. The ServiceNow Security Organization (SSO): The ServiceNow Security Organization (SSO) delivers world-class, innovative security solutions to reduce risk and protect the company and our customers. We enable our customers to migrate their most sensitive data and workloads to the cloud, accelerating our business so that we are the most trusted SaaS provider. We create an environment where our employees are proud to work and can make a positive impact. The Role: As a Staff Product Security Engineer, you will contribute to initiatives that improve secure product development and customer enablement. You'll collaborate across engineering and product teams to deliver actionable security guidance, support configuration hardening, and help customers maintain a strong security posture.
Requirements
- Experience in leveraging or critically thinking about how to integrate AI into work processes, decision-making, or problem-solving. This may include using AI-powered tools, automating workflows, analyzing AI-driven insights, or exploring AI's potential impact on the function or industry.
- A passion for security and problem solving.
- 8+ Years of experience in product security with deep knowledge of security best practices
- In-depth knowledge of common web application vulnerabilities (OWASP Top Ten) and knowledge of common application security control evaluation frameworks (OWASP ASVS) recommended.
- Experience in leveraging or critically thinking about how to integrate AI into work processes, decision-making, or problem-solving.
- Strong verbal communication skills with an emphasis on application remediation processes.
- Ability to translate technical findings into actionable guidance.
- Collaborative mindset to work with product and customer-facing teams.
- Developer level proficiency in at least one language - Python, Java, or JavaScript preferred.
- BS/MS in Computer Science, Engineering, or a related discipline.
Nice To Haves
- Familiarity with ServiceNow architecture is a plus
- Knowledge of common compliance frameworks (e.g. FedRAMP, NIST 800-53, ISO 27001) preferred.
Responsibilities
- Participate in instance hardening management activities, including reviewing new product settings to build security recommendations and documenting these settings to ensure ServiceNow instance owners can ensure highest level of security of their instances.
- Maintain the set of hardening settings to ensure their relevance and accuracy.
- Perform security audits to discover, communicate, and recommend remediation activities for vulnerabilities.
- Contribute to the deprecation of security-impactful feature flags and support customer migration efforts to maintain a secure posture.
- Partner with Product Management to improve workflows that enable customers to adopt secure configurations more easily.
Benefits
- health plans, including flexible spending accounts
- a 401(k) Plan with company match
- ESPP
- matching donations
- a flexible time away plan
- family leave programs
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Industry
Professional, Scientific, and Technical Services
Number of Employees
5,001-10,000 employees
