Sr Information Security Engineer, SAAS Security

It all started in sunny San Diego, California in 2004 when a visionary engineer, Fred Luddy, saw the potential to transform how we work. Fast forward to today — ServiceNow stands as a global market leader, bringing innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500. Our intelligent cloud-based platform seamlessly connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work. But this is just the beginning of our journey. Join us as we pursue our purpose to make the world work better for everyone.

Team:

This position reports to the Senior Manager, Security Engineering. The Enterprise Security Engineering team targets building state-of-the-art technology that will help reduce the risk surrounding the sensitive assets of the company with the least impact possible on operations, acts as guidance and facilitator to the security operations teams and helps shifting Security perception from blocker to enabler by building a relationship of trust with the other teams.

Role:

The Senior Information Security Engineer will be part of the endpoint security team and will be responsible for ensuring the integrity and security of the organization's information systems by managing and enhancing endpoint and network security measures.

What you get to do in this role:

 

• Implement and maintain advanced security measures for endpoints and networks, ensuring robust protection against unauthorized access and cyber threats.
• Develop, enforce, and monitor network access control policies to regulate who and what devices can access the organization's network.
• Conduct continuous and detailed inspection of network traffic to identify and mitigate potential security threats, anomalies, and vulnerabilities.
• Design and enforce security protocols, conduct regular security audits, and ensure compliance with industry standards and regulatory requirements.
• Implement and manage security solutions to enhance the organization's overall security posture, ensuring secure and efficient remote access and internet security.
• Monitor user activities and enforce security policies to prevent data leakage and ensure compliance with organizational security standards

To be successful in this role you have:

• Master's degree in computer science; engineering, or information technology or equivalent industry experience
• Experience on SAAS security like CASB, DSPM, SSPM, DLP, or any API-based integrations..
• 8+ years of relevant hands-on engineering experienceIn-depth knowledge of operating systems (Linux, UNIX, and Windows)
• In-depth knowledge of networking (routing, switching, load-balancing, intrusion detection systems and firewalls).
• Ability to develop security automation scripts using Python, PowerShell, Bash for process efficiency and consistency.
• Experience in securing remote access (BYOD).
• Experience with implementing and managing NAC solutions to control device and user access to the network.
• Experience with deep packet inspection and network traffic analysisUnderstanding of PKI, Encryption methods.
  
  Desirable Skills:
• Strong practical exposure to SaaS Security controls across CASB, SSPM, DSPM, and API-based DLP solutions
• Ability to assess SaaS application security posture — misconfigurations, data exposure risks, excessive permissions, and risky third-party integrations
• Familiarity with authentication and access standards such as SAML, OAuth, SCIM, MFA, SSO and their security implications in SaaS platforms
• Experience integrating SaaS platforms with IAM, SIEM/SOAR, EDR/MDM, and Email Security tools for automated monitoring and enforcement
• Skilled in interpreting complex SaaS and network security logs to detect insider activity and data exfiltration patterns
• Understanding of Zero Trust principles applied to SaaS environments
• Knowledge of data classification and governance workflows in collaboration and storage platforms like M365, Google Workspace, Box, Salesforce, etc.
• Strong cross-functional collaboration with Network Security, Endpoint Security, and IT Operations teams to drive security remediation
• Ability to create documentation, SOPs, and playbooks for operational maturity and process consistency
• Passion for continuous learning and staying up-to-date on emerging SaaS threats and security technologies

Work Personas

We approach our distributed world of work with flexibility and trust. Work personas (flexible, remote, or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work and their assigned work location. Learn more here. To determine eligibility for a work persona, ServiceNow may confirm the distance between your primary residence and the closest ServiceNow office using a third-party service.

Equal Opportunity Employer

ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status, or any other category protected by law. In addition, all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements. 

Accommodations

We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process, or are unable to use this online application and need an alternative method to apply, please contact [email protected] for assistance. 

Export Control Regulations

For positions requiring access to controlled technology subject to export control regulations, including the U.S. Export Administration Regulations (EAR), ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities. 

From Fortune. 2025 Fortune Media IP Limited. All rights reserved. Used under license.