Full-Time Senior Staff Information Security Engineer

The ServiceNow Security Organization delivers world-class, innovative security solutions to reduce risk and protect the company and customers. We enable customers to migrate sensitive data and workloads to the cloud, accelerating business and making us the most trusted SaaS provider. We create a positive work environment where employees can make a difference.

This position reports to the Director, Security Engineering. The Enterprise Security Engineering team builds state-of-the-art technology to reduce risk around sensitive company assets, acts as guidance to security operations teams, and shifts the security perception from blocker to enabler.

Role: The Senior Staff Information Security Engineer will be a technical expert within the Infrastructure Security team, responsible for securing ServiceNow's core enterprise infrastructure, including networks, servers, authentication systems, certificates, and operational tooling.

Responsibilities:

• Define and execute technical strategy for securing infrastructure, aligned with risk and business needs.
• Harden network and server infrastructure against unauthorized access, misconfigurations, and malware.
• Architect and implement scalable, automated security controls for authentication, configuration, and monitoring.
• Drive secure deployment and management of on-prem containerized environments (e.g., Kubernetes).
• Manage certificate lifecycle to prevent expiration risks.
• Champion operational excellence through automation, outage reduction, and service resilience improvements.
• Represent Infrastructure Security in architecture reviews, incident response, and compliance initiatives.
• Mentor and develop other engineers, promoting secure engineering practices.
• Stay current with industry threats and mitigation techniques.

Required Skills:

• Experience leveraging or critically thinking about how to integrate AI into processes.
• Master's degree in computer science, engineering, or information technology, or equivalent experience.
• 10+ years of hands-on engineering experience.
• Deep experience with operating system and server security (Linux, Windows).
• Advanced knowledge of enterprise networking and secure network architectures.
• Proficiency in scripting and automation (Python, Bash, Go, etc.).

Desirable Skills:

• Experience with web and database services.
• Experience with Splunk and SPL.
• Experience with cryptography.
• Experience with infrastructure-as-code and configuration management tools (Puppet, Ansible).
• Experience with hardware virtualization.
• Planning, configuring hardware/software upgrades.
• Automating operations and capacity planning.
• Troubleshooting system and software issues.
• Familiarity with industry certifications (FedRAMP, NIST 800-53, NIST CSF, SOC 2, SOX and GDPR).
• Strong problem-solving skills and a growth mindset.

What is the last date for applying to the job?

Which countries are accepted for this remote job?