Company Description
It all started in sunny San Diego, California in 2004 when a visionary engineer, Fred Luddy, saw the potential to transform how we work. Fast forward to today — ServiceNow stands as a global market leader, bringing innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500®. Our intelligent cloud-based platform seamlessly connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work. But this is just the beginning of our journey. Join us as we pursue our purpose to make the world work better for everyone.
Job Description

THE ROLE:

As a Sr. Manager of Product Security, you’ll be responsible for overseeing a team that creates hardening guidance for upcoming ServiceNow product releases. This will require experience building business processes within software release lifecycles and an understanding of workflows related to Security Benchmarking. You’ll work closely with Product Management and Development leaders to operationalize service hardening processes.

WHAT YOU GET TO DO IN THIS ROLE:

• Lead a team of experienced product security professionals focused on curating and developing hardening guidance that enables customers to reduce risk from insecure configuration
• Collaborate with software development leaders to optimize development lifecycle processes related to secure configuration
• Participate in security impactful feature-flag deprecation and customer migration efforts
• Work with Product Management teams to improve customer enablement workflows
  Qualifications

IN ORDER TO BE SUCCESSFUL IN THIS ROLE, WE NEED SOMEONE WHO HAS:

• Experience in leveraging or critically thinking about how to integrate AI into work processes, decision-making, or problem-solving. This may include using AI-powered tools, automating workflows, analyzing AI-driven insights, or exploring AI’s potential impact on the function or industry.
• 10 to 15 Years of experience in product security, or development engineering team.
• Ideally 5+ years of experience leading a product security, or development engineering teams.
• 2+ Years of experience with network and system security hardening, including NIST STIG/SCAP and/or CIS Benchmark frameworks.
• In-depth knowledge of common web application vulnerabilities (OWASP Top Ten) and knowledge of common application security control evaluation frameworks (OWASP ASVS) recommended.
• Experience with Threat modeling and threat modeling tools recommended
• Strong verbal communication skills with an emphasis on application remediation processes
• Ability to deliver technical documentation and communicate technical concepts to both non-technical business users as well as technical stakeholders
• Excellent negotiation and conflict management skills
• Developer level proficiency in at least one language - Python, Java, or JavaScript preferred
• Knowledge of common compliance frameworks (e.g. FedRAMP, NIST 800-53, ISO 27001) preferred.
• Degree in computer science / engineering, informatics, mathematics/statistics, or equivalent work experience