Full-Time Senior Application Security Engineer

The ServiceNow Security Organization delivers world-class, innovative security solutions to reduce risk and protect the company and our customers. We enable our customers to migrate their most sensitive data and workloads to the cloud, accelerating our business so that we are the most trusted SaaS provider.

This critical position values integrity, quality, expertise, precision, communication, and efficiency and is looking for security professionals with developing to established security backgrounds and excellent communications.

As a Senior Application Security Engineer on the Global Security Support Center Application Security team, you will be responsible for investigating reported application security vulnerabilities.

In this role you will work with customers, external security researchers, and developers to understand & document reported vulnerabilities. Success in this role requires web application security knowledge, analytical debugging skills, strong communication skills, and strong programming language proficiency.

What you get to do in this role:

• Investigate ServiceNow's products to discover, communicate, and recommend remediation activities for software vulnerabilities.
• Help customers improve the security posture of their environments, prepare to pentest their environment, and deal with respective regulatory requirements.
• Review, test, and confirm security findings reported by customers and ensure they fully understand the finding outcomes.
• Report problems based on confirmed security findings.
• Contribute to architecting roadmaps for ServiceNow's Customer Penetration Testing & Security Finding program
• Aide in development efforts by testing the proposed solutions for confirmed vulnerabilities within the ServiceNow platform.

This position requires:

• Passing a ServiceNow background screening, USFedPASS (US Federal Personnel Authorization Screening Standards).

To be successful in this role you have:

• 4+ years of working in Cyber Security or adjacent role(s)
• 3+ years of ServiceNow experience; ServiceNow's "Certified System Administrator" certification preferred
• In-depth knowledge of common web application vulnerabilities (OWASP Top Ten)
• Developer level proficiency in at least one language - Python, Java, or JavaScript preferred
• A bachelor's degree in computer Science or equivalent project/work experience
• A strong understanding of web (or mobile) application security assessment techniques
• Excellent communication skills and can articulate complex issues to peers, executives, and customers
• Strong interpersonal skills
• The ability to perform and excel with little supervision; self-motivated and driven
• Excellent collaboration skills; the ability to foster and feed off coworkers
• Win As a Team attitude; are a great team player
• A passion for security
• Offensive Security OSWE and/or OSCP certification(s) a plus

Not sure if you meet every qualification? We still encourage you to apply!

We value inclusivity, welcoming candidates from diverse backgrounds, including non-traditional paths. Unique experiences enrich our team, and the willingness to dream big makes you an exceptional candidate!

What is the last date for applying to the job?

Which countries are accepted for this remote job?