AppSec Jobs
← Back to all jobs

ServiceNow

Staff Product Security Engineer (SSDL)

San Diego, CAWebsite

Full details on LinkedIn

The complete job description, requirements, and application details are available on the original posting.

About ServiceNow

ServiceNow is an enterprise cloud computing company founded in 2004 and based in Santa Clara, California. It focuses on workflow automation and digital transformation solutions that enhance operations and service delivery across various business functions, including IT, HR, and customer service. The company's main offering is the Now Platform, a low-code development environment that allows businesses to create custom applications and automate workflows efficiently. This platform incorporates artificial intelligence, machine learning, robotic process automation, and performance analytics to improve operational efficiency. ServiceNow's product portfolio includes IT Service Management, IT Operations Management, IT Asset Management, Security Operations, Governance, Risk, and Compliance, Human Resources Service Delivery, Customer Service Management, and Field Service Management. ServiceNow serves a diverse range of industries, such as government, healthcare, telecommunications, and financial services. It has established strategic partnerships with companies like Celonis and NVIDIA to enhance its automation and AI capabilities. Since going public in 2012, ServiceNow has become a Fortune 500 company, recognized for its innovative approach to IT service management and enterprise-wide workflow automation.

Industry

information technology & services

Employees

27,000

8667 engineers

Revenue

$11B

Website

Visit →

Security at ServiceNow

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

  • ServiceNow's AppSec philosophy includes security education, best practices, iterative security design, and continuous security analysis.
  • They emphasize a risk-based approach to vulnerability management, prioritizing and remediating vulnerabilities based on business impact.
  • They also advocate for including security considerations early in solution design, stating that they take cybersecurity seriously.

Security Team

Information not publicly available regarding explicit AppSec team organizational structure statements or named AppSec leaders. Further research is needed for job posting counts and specific AppSec tooling references.

Key Initiatives

  • ServiceNow's initiatives include publishing an Instance Security Best Practices guide, which covers security education, best practices, iterative security design, and continuous security analysis, with findings reviewed by their Product Security Team for remediation.
  • Their Security Operations (SecOps) product pages emphasize applying risk-based vulnerability management, enhancing visibility into security posture, accelerating incident response, and prioritizing/remediating vulnerabilities based on business impact.
  • Developer guidance promotes including a dedicated section for security considerations in every solution plan.

Preparing for an AppSec interview?

Get the weekly briefing 2,000+ security pros trust.