Senior Staff Product Security Engineer | Product Security Incident Response Team (PSIRT) at ServiceNow — NeverHard
Senior Staff Product Security Engineer | Product Security Incident Response Team (PSIRT) at ServiceNow in Kirkland, King County. Skills: Cloud Computing, Risk Management, SaaS, Security. Apply on NeverHard.
Company
ServiceNow
Location
Kirkland, King County
Type
not_specified
Required skills:
Cloud Computing
Risk Management
SaaS
Security
Job Description
The ServiceNow Security Organization (SSO)
The ServiceNow Security Organization (SSO) delivers world-class, innovative security solutions to reduce risk and protect the company and our customers. We enable our customers to migrate their most sensitive data and workloads to the cloud, accelerating our business so that we are the most trusted SaaS provider. We create an environment where our employees are proud to work and can make a positive impact
About the role
ServiceNow seeks a senior staff-level product security engineer to serve as a senior technical authority within the Product Security Incident Response Team (PSIRT). PSIRT is ServiceNow's awareness, response, and investigation capability for post-release vulnerabilities in ServiceNow-developed products and service offerings.
This role is for a recognized expert who can operate independently and as part of a team on the most significant security issues facing the platform—vulnerabilities that require evaluating intangibles. You will lead deep-dive investigations, coordinate resolution across engineering, product, and release teams, and demonstrate calm, decisive leadership during significant security events.
This is a role for someone who already understands product development cycles and the engineering and product relationships that drive them—and will use that fluency to lead fixes to completion under incident pressure. You will help shape how ServiceNow responds to product security vulnerabilities at scale and the technical rigor of the entire response capability.
Key Responsibilities
Lead Through Significant Security Events
Provide additional response coverage outside of normal working hours for significant product vulnerabilities as they emerge.
Demonstrate technical and organizational leadership during these events—bringing structure and clear decision-making under pressure.
Partner with incident commanders, business information security leadership, engineering, and customer-facing teams to maintain clear ownership, workstream prioritization, and hand-offs during these events.
Reduce Exposure Window
Drive coordinated response across affected releases, balancing risk and remediation feasibility.
Leverage an understanding of product development cycles and engineering/product partnerships to move fixes through the release pipeline without stalling on organizational boundaries.
Verify fix completeness and guard against incomplete mitigations before release.
Drive the CVE & Coordinated Disclosure Process
Lead ServiceNow's CVE disclosure process—owning CVE assignment, scoring, advisory content, and publication timing.
Collaborate with external security partners, vendors, and researchers on coordinated disclosures, aligning timelines and messaging across parties.
Conduct technical accuracy reviews of external advisories, researcher write-ups, and joint disclosure content to ensure correctness before publication.
Represent PSIRT's technical position in multi-party coordinated disclosures and researcher engagements.
Pursue After-Action Outcomes & Continuous Improvement
Author postmortems and drive lessons learned to closure following product security incidents.
Participate in retrospectives following significant product security events, translating findings into concrete process and technical improvements.
Contribute to partner teams tracking product security risk themes and trends across the portfolio.
Contribute to SDLC improvement areas, feeding incident learnings upstream into secure development practices.