Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Senior Staff Product Security Engineer

$201.3k - $352.3k
Full-time

ServiceNow

Role Description

The ServiceNow Security Organization (SSO) delivers world-class, innovative security solutions to reduce risk and protect the company and our customers. We enable our customers to migrate their most sensitive data and workloads to the cloud, accelerating our business so that we are the most trusted SaaS provider. We create an environment where our employees are proud to work and can make a positive impact.

ServiceNow seeks a senior staff-level product security engineer to serve as a senior technical authority within the Product Security Incident Response Team (PSIRT). This role is for a recognized expert who can operate independently and as part of a team on the most significant security issues facing the platform—vulnerabilities that require evaluating intangibles.

You will lead deep-dive investigations, coordinate resolution across engineering, product, and release teams, and demonstrate calm, decisive leadership during significant security events.

Key Responsibilities

  • Lead Through Significant Security Events
    • Provide additional response coverage outside of normal working hours for significant product vulnerabilities as they emerge.
    • Demonstrate technical and organizational leadership during these events—bringing structure and clear decision-making under pressure.
    • Partner with incident commanders, business information security leadership, engineering, and customer-facing teams to maintain clear ownership, workstream prioritization, and hand-offs during these events.
  • Reduce Exposure Window
    • Drive coordinated response across affected releases, balancing risk and remediation feasibility.
    • Leverage an understanding of product development cycles and engineering/product partnerships to move fixes through the release pipeline without stalling on organizational boundaries.
    • Verify fix completeness and guard against incomplete mitigations before release.
  • Drive the CVE & Coordinated Disclosure Process
    • Lead ServiceNow's CVE disclosure process—owning CVE assignment, scoring, advisory content, and publication timing.
    • Collaborate with external security partners, vendors, and researchers on coordinated disclosures, aligning timelines and messaging across parties.
    • Conduct technical accuracy reviews of external advisories, researcher write-ups, and joint disclosure content to ensure correctness before publication.
    • Represent PSIRT's technical position in multi-party coordinated disclosures and researcher engagements.
  • Pursue After-Action Outcomes & Continuous Improvement
    • Author postmortems and drive lessons learned to closure following product security incidents.
    • Participate in retrospectives following significant product security events, translating findings into concrete process and technical improvements.
    • Contribute to partner teams tracking product security risk themes and trends across the portfolio.
    • Contribute to SDLC improvement areas, feeding incident learnings upstream into secure development practices.

Qualifications

  • Minimum 12 years of related experience with a Bachelor's degree; or 8 years with a Master's degree; or a PhD with 5 years of experience; or equivalent experience.
  • Minimum 5 years of auditing source code for security vulnerabilities.
  • Demonstrated leadership during significant security events or major incidents, with willingness to participate in on-call.
  • Ability to read and comprehend Java and JavaScript code.
  • Strong understanding of common Java and JavaScript vulnerabilities.
  • Proficiency in scripting in both Python and JavaScript for data gathering, processing, and visualization.
  • Development of proof-of-concept exploits for web application vulnerabilities.
  • Written and verbal communication of complex security risk clearly to both technical teams and leadership.
  • Experience with leading fix implementation and release coordination across engineering, product, and test/release teams.
  • Proficiency in deep-dive product security investigations and root-cause analysis spanning design, code, configuration, and operational layers.
  • Exploit analysis and proof-of-concept development that distinguishes real exploitability from theoretical risk.
  • Familiarity with SDLC integration, CI/CD pipelines, SaaS threat models, and secure development practices.
  • Experience leading a CVE disclosure process, including CVE assignment, scoring (CVSS), and advisory publication.

Preferred Qualifications

  • Experience in a PSIRT or similar function for a major software or SaaS platform.
  • Recognized expertise in product security incident response, vulnerability research, or application security within a software or SaaS environment.
  • Experience conducting vulnerability assessments on the ServiceNow platform.
  • Experience with emerging threats: AI-specific attack vectors, software supply chain security, and SDLC tooling security.
  • Experience with cloud infrastructure (AWS, Azure, GCP) and containerized environments.
  • Relevant security certifications (e.g., OSWE) or demonstrated equivalent expertise.

Benefits

  • Base pay of $201,300 - $352,300, plus equity (when applicable), variable/incentive compensation and benefits.
  • Health plans, including flexible spending accounts.
  • 401(k) Plan with company match.
  • Employee Stock Purchase Plan (ESPP).
  • Matching donations.
  • Flexible time away plan and family leave programs.
Vacancy posted 3 days ago
Similar jobs that could be interesting for youBased on the Senior Staff Product Security Engineer in Remote vacancy
  • $221k - $250k

     ...across hardware, software, AI, cryptography, mobile engineering, and global operations. Our teams come from...  ...the Time AI 100. Learn more about the newest product launches from our Liftoff event. About the Team The Security team at Tools for Humanity operates at a level... 
    Senior
    Flexible hours

    Tools-For-Humanity

    San Francisco, CA
    4 days ago
  •  ...Our First Security-Focused Engineer Takes high-level direction (e.g., "identify top five security-related gaps for AX") and drives to results...  ...continuously enhance our security posture in all areas of the product. Day-to-day: Select, deploy and tune security... 
    Senior
    Remote work

    LanceDB

    United States
    2 days ago
  •  ...Join Hologic's mission to drive a Secure by Design culture within our Breast & Skeletal Health Connected Health products. As a Senior Product Security Engineer , you will play a pivotal role in ensuring the security and integrity of our innovative healthcare solutions... 
    Senior
    Remote work

    Hologic

    Marlborough, MA
    3 days ago
  • $153k - $213k

     ...Senior Product Security Engineer Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest. Affirm values information security as a critical part of... 
    Senior
    Remote work

    Affirm

    United States
    2 days ago
  •  ...Product Security Engineer Persona is the configurable identity platform built for businesses in a digital-first world. Verifying individuals...  ...financial data, identity, etc. The Team Small and senior by design. High ownership from day one — this isn't a team... 
    Senior
    Full time
    For contractors
    Internship
    Relocation package

    Persona

    San Francisco, CA
    5 days ago
  • $131.42k - $216.87k

     ...RedHat is a rapidly growing company supporting more than 90% of Fortune500 companies. Job Summary RedHat Product Security ( is looking for a Senior Product Security Engineer to join our global Resilient Development team. RedHat’s Resilient Development Team focuses on Secure... 
    Senior
    Permanent employment
    Full time
    Contract work
    Work experience placement
    Work at office
    Remote work
    Flexible hours

    Dormont Manufacturing Company

    Raleigh, NC
    3 days ago
  • $168k - $210k

     ...Joining Collibra's Product Security team Collibra is seeking a Senior Product Security Engineer to join our high-impact team. You will be a key individual responsible for identifying vulnerabilities and providing expert remediation consulting for our global product... 
    Senior
    Work experience placement
    Remote work
    Flexible hours

    Collibra

    United States
    5 days ago
  •  ...Senior Product Security Engineer United Kingdom - Remote Chainguard is the trusted source for open source. By delivering hardened, secure, and...  ...Ventures, Sequoia Capital, and Spark Capital. Staff Product Security Engineer The role in a nutshell: You... 
    Senior
    Local area
    Remote work
    Flexible hours

    Chainguard

    United States
    5 days ago
  •  ...Senior Security Engineer Airwallex's Information Security team partners closely with engineering, IT, and other stakeholders to protect our...  ...maintain strong security practices across the company—from secure product and infrastructure design to risk reduction, incident... 
    Senior
    Remote work

    Airwallex

    United States
    2 days ago
  •  ...Senior Product Security Engineer DataRobot delivers AI that maximizes impact and minimizes business risk. Our platform and applications integrate...  ...when to escalate architectural decisions to Senior and Staff engineers. Strategic Mindset: Experience determining not... 
    Senior
    Local area
    Remote work
    Worldwide
    Flexible hours

    DataRobot

    United States
    3 days ago
  •  ...Senior Product Security Engineer Delinea's Cybersecurity organization is seeking an experienced Senior Product Security Engineer to provide technical leadership and execution for an industry-leading Product Security Program. This critical role is expected to be a key... 
    Senior
    Work experience placement
    Local area
    Remote work

    Delinea

    United States
    3 days ago
  • $113k - $125k

     ...testing, deployments, application security, reliability, compliance, and...  .... About the Role Product Security is responsible for...  ...developing partnerships with engineering and product teams to accelerate...  ...security by design. The Senior Product Security Engineer is... 
    Senior
    Local area
    Immediate start
    Remote work
    Shift work

    Harness

    United States
    2 days ago
  •  ...Senior Security Engineer, Add-ons Operations At Mozilla Corporation Team: Firefox Locations...  ...million people around the world using our products each month, we're shaping the next 25...  ...open, with contributions from Mozilla staff and community members. What you... 
    Senior
    Immediate start
    Remote work
    Home office

    Mozilla Ventures

    United States
    4 days ago
  • $144k - $191k

     ...vision, sensor fusion, and networking technology to the military in months, not years. ABOUT THE TEAM We're seeking a product security engineer to own security for assigned products, particularly radar systems, in your technical domain. This role involves... 
    Senior
    Full time
    Work experience placement
    Immediate start

    Anduril Industries

    Fort Collins, CO
    9 hours ago
  • $146k - $194k

     ...computer vision, sensor fusion, and networking technology to the military in months, not years. ABOUT THE TEAM We're seeking a product security engineer to own security for assigned products, particularly radar systems, in your technical domain. This role involves providing... 
    Senior
    Full time
    Work experience placement
    Immediate start

    Anduril Industries

    Costa Mesa, CA
    9 hours ago
  •  ...Overview: Serve as a senior security engineering resource supporting multiple product and development teams. Lead application and platform security assessments for new features, services, and emerging technologies, including AI-driven solutions. Conduct security testing... 
    Senior
    Full time

    aqua IT

    Remote
    25 days ago
  •  ...crypto transactions. You will operate the Product Security programe for Blockchain.com’s...  ...Consumer, OTC and MRE lines. This is a senior, hands-on role: you’ll design and run the...  ...the security debt lifecycle for product engineering teams, and architect the automated pipelines... 
    Senior
    Full time
    Contract work
    Apprenticeship
    Work at office
    Remote work
    Worldwide
    Flexible hours

    Blockchain

    United Kingdom
    18 days ago
  • $107.7k - $285.9k

    Role Description GitHub is transforming how the world builds secure software, and we are looking for a Product Security Engineer III to join our Product Security Engineering team. This is a hands-on engineering role focused on building internal security platforms, tooling... 
    Full time

    GitHub, Inc.

    Remote
    4 days ago
  • $250k - $400k

     ...The role of a Product Security Engineer is pivotal in shaping the future of AI-native security engineering. This position operates at the intersection of application security, machine learning, and developer productivity, focusing on the design of autonomous security systems... 
    Full time
    Remote work

    SaidGig

    United States
    26 days ago
  • $137.86k - $250k

     ...time - safely creating abundance for all. About the Team The Security Engineering team is responsible for protecting our robots,...  ...into how we build and operate humanoid robotics systems. The Product Security team focuses on the end-to-end security of NEO itself... 
    Temporary work
    Local area
    Remote work
    Work from home
    Flexible hours

    1X

    San Carlos, CA
    2 days ago
  •  ...civilization from the effects of infrastructure failure. Role at a Glance We are building the Product Security team to build and scale application security at Gecko. As a Product Security Engineer you will play a key role in shaping how security works across our product as we... 
    Work at office
    Local area
    Work from home
    Flexible hours

    Gecko Robotics Inc

    Boston, MA
    3 days ago
  •  ...Some positions may allow for telecommuting. Some positions may require travel. Responsibilities Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information. How to Apply To apply, email resume to: ****@*****.***.... 
    Full time
    Remote work

    Wilder Wealthy & Wise

    San Francisco, CA
    4 days ago
  •  ...global ocean transportation market. Our products provide ships and workboats the intelligence...  ...by an experienced team of mariners, engineers, coders, and autonomy scientists. Sea Machiners...  .... Job Summary We are seeking a Product Security Engineer dedicated to delivering cutting... 
    Full time
    Remote work
    Flexible hours

    6AM City

    Oklahoma City, OK
    3 days ago
  • $208k - $312k

     ...About the Role: We are looking for a Product Security Engineer to join our security team to drive critical product security initiatives across...  ...platform earns the trust of developers and end-users alike. As a senior member of the team, you will lead cross-organizational... 
    Work at office
    Remote work
    Work from home
    Monday to Friday
    Flexible hours

    Vercel Corp

    San Francisco, CA
    4 days ago
  • $187k - $260k

     ...Airtable to transform how work gets done. Join Airtable as a Product Security Engineer and play a pivotal role in shaping the security of our...  ..., and strategic planning for the security team. ~(Senior/Staff L5+) Lead complex threat modeling sessions for major product... 
    For contractors
    Live in
    Remote work

    Airtable

    United States
    4 days ago
  • $74.16 - $92.7 per hour

     ...Description Product Security Engineer Full-time Remote You'll be joining Adobe on a contract opportunity, employed through NextDeavor Benefits You'll Love NextDeavor offers health, vision and dental benefits for contract employees Paid sick leave... 
    Hourly pay
    Permanent employment
    Full time
    Contract work
    Remote work

    NextDeavor

    San Jose, CA
    1 day ago
  •  ...Product Security Engineer We're looking for a Product Security Engineer to join our team and help strengthen how security is built into Supabase's products, platform, and engineering workflows as we continue to scale. You'll work closely with software engineers, infrastructure... 
    Remote work
    Flexible hours

    Supabase

    United States
    1 day ago
  •  ...Application Security Engineer We are seeking a skilled and motivated Application Security Engineer to join our Product Security team. In this role, you will play a critical part in strengthening our application security posture across multiple products and platforms... 
    Second job
    Local area
    Remote work

    GoDaddy

    United States
    2 days ago
  • $130k

     ...Security Engineer We are looking for an early-career Security Engineer to join our Product Security team, someone who has a builder's mindset, is eager to learn, and is excited to contribute to both planned initiatives and dynamic, real-time security needs with enough... 
    Full time
    Work at office
    Local area
    Remote work
    Night shift

    Colorwave Inc

    San Francisco, CA
    3 days ago
  • $500 per month

     ...Product Security Engineer Netherlands (remote) About ClickHouse Recognized on the 2025 Forbes Cloud 100 list, ClickHouse is one of the most innovative and fast-growing private cloud companies. With more than 3,000 customers and ARR that has grown over 250 percent... 
    Local area
    Remote work
    Home office
    Flexible hours

    ClickHouse

    United States
    4 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Senior Staff Product Security Engineer. Be the first to apply!