Be an early applicantLess than 25 applicants

Company

ServiceNow · 7 hours ago

Staff Product Security Engineer

Atlanta, GA

Full-time

Remote

Senior Level, Lead/Staff

8+ years exp

Maximize your interview chances

Business Process Automation (BPA)Cloud Management

Growth Opportunities

H1B Sponsor Likely

Insider Connection @ServiceNow

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Work on a wide range of technologies

Work on complex architectural and technical challenges

Participate in threat modeling activities

Mentor and collaborate with development teams to adopt secure coding practices

Work on strategic and highly visible security activities across the organization

Be an advocate for security and participate in a security champions program

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Software Security (AppSec)Threat ModelingWeb Application VulnerabilitiesAuthentication StandardsPythonJavaJavaScriptGolangMachine LearningSoftware Design PatternsCryptographyCloud Native TechnologiesStatic Analysis ToolsDynamic Analysis ToolsSoftware Composition Analysis ToolsPassion for Security

Required

8+ years of experience in software security (AppSec)

4+ years of experience in threat modeling software applications and services

Expert-level knowledge in threat modeling methodologies such as STRIDE or PASTA and their applied use in fast-moving, iterative development lifecycles

Expert-level knowledge of common web application vulnerabilities (OWASP Top 10)

In-depth knowledge of software design patterns and their security considerations

Expertise in authentication and authorization standards including OAuth, OIDC, SAML, JWT, and PASETO

Knowledge of symmetric and asymmetric cryptography, digital signatures, PKI, TLS, and cryptographic hash functions

Knowledge of static analysis (SAST), dynamic analysis (DAST), and software composition analysis (SCA) security tools

Knowledge of OWASP ASVS, SCVS, and related verification standards

Ability to work collaboratively in a highly distributed team

Ability to communicate technical concepts to business stakeholders

A passion for security

Preferred

Developer-level proficiency in one or more languages - Python, Java, JavaScript, and Golang preferred

Working knowledge of Machine Learning and taxonomies such as BIML that categorize known attacks on machine learning models

Knowledge of cloud native technologies including containers, Kubernetes, and services provided by AWS, GCP, and Azure

Company

ServiceNow

Glassdoor

4.4

ServiceNow is an AI platform that delivers IT operations, field service management, and app engine solutions.

Founded in 2004

Santa Clara, California, USA

10,001+ employees

http://www.servicenow.com

H1B Sponsorship

ServiceNow has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2023 (650)

2022 (816)

2021 (565)

2020 (420)