The Staff Product Security Engineer will be part of the Secure Software Development Lifecycle (SSDL) team at ServiceNow, which focuses on improving the maturity of the security program.
This role involves collaborating with developers and software architects to build secure and resilient software.
Responsibilities include threat modelling software products and services to identify potential risks and participating in architectural reviews of products in development.
A key aspect of the position is to ensure the success of a large and growing security champions program by mentoring security champions and assisting them in secure software design.
The role includes working on a wide range of technologies and complex architectural and technical challenges.
The engineer will participate in threat modelling activities and mentor development teams to adopt secure coding practices.
The position requires advocacy for security and participation in a security champions program.
Requirements:
Candidates must have 6+ years of experience in software security (AppSec).
Candidates must also have 3+ years of experience in threat modelling software applications and services.
Proficiency in threat modelling methodologies such as STRIDE or PASTA and their application in fast-moving, iterative development lifecycles is necessary.
In-depth knowledge of common web application vulnerabilities, specifically the OWASP Top 10, is essential.
Developer-level proficiency in one or more programming languages, preferably Python, Java, JavaScript, or Golang, is required.
A working knowledge of Machine Learning and taxonomies such as BIML that categorize known attacks on machine learning models is needed.
Candidates should possess in-depth knowledge of software design patterns and their security considerations.
In-depth knowledge of authentication and authorization standards, including OAuth, OIDC, SAML, JWT, and PASETO, is required.
Knowledge of symmetric and asymmetric cryptography, digital signatures, PKI, TLS, and cryptographic hash functions is essential.
Benefits:
ServiceNow offers a flexible work environment with various work personas, including flexible, remote, or required in-office options.
The company is committed to creating an accessible and inclusive experience for all candidates and provides reasonable accommodations during the application process.
ServiceNow is an equal opportunity employer, ensuring that all qualified applicants receive consideration for employment without discrimination.
Employment may be contingent upon obtaining necessary export control approvals for certain positions requiring access to controlled technology.