Staff Product Security Engineer (SSDL)

Join the ServiceNow Security Organization (SSO) as a Staff Product Security Engineer to collaborate with developers and software architects on highly technical solutions, threat model software products and services, and mentor security champions to ensure secure software design.

Requirements

• 6+ years of experience in software security (AppSec)
• 3+ years of experience in threat modeling software applications and services
• Proficient in threat modeling methodologies such as STRIDE or PASTA
• In-depth knowledge of common web application vulnerabilities (OWASP Top 10)
• Developer-level proficiency in one or more languages - Python, Java, JavaScript, and Golang preferred
• Working knowledge of Machine Learning and taxonomies such as BIML
• In-depth knowledge of software design patterns and their security considerations
• In-depth knowledge of authentication and authorization standards
• Knowledge of symmetric and asymmetric cryptography
• Knowledge of cloud native technologies including containers and Kubernetes
• Knowledge of static analysis (SAST), dynamic analysis (DAST), and software composition analysis (SCA) security tools
• Ability to work collaboratively in a highly distributed team
• Ability to communicate technical concepts to business stakeholders
• A passion for security

Benefits

• Base pay of $173,100 to $303,000 plus equity (when applicable), variable/incentive compensation and benefits
• Health plans, including flexible spending accounts
• 401(k) Plan with company match
• ESPP
• Matching donations
• Flexible time away plan
• Family leave programs