Junior Product Security Engineer

Verified Job On Employer Career Site

Job Summary:

ServiceNow is a global market leader in innovative AI-enhanced technology, aiming to make the world work better for everyone. The Product Security Engineer will play a crucial role in securing applications by conducting security assessments, integrating security into the software development lifecycle, and collaborating with teams to enhance secure application solutions.

Responsibilities:

• Perform and support security assessments across a wide range of modern product features.

• Conduct code reviews in a mixed-language codebase.

• Integrate security into the software development lifecycle (SDLC) at ServiceNow.

• Partner with developers and architects to design, implement, and enhance secure application solutions.

• Apply expertise in authentication, authorization, secure mobile development, cryptography, and secure-by-design practices.

• Champion security awareness and educate teams on secure development behaviors.

• Define and implement application security best practices, standards, and guidelines.

• Contribute to strategic and high-impact BSIMM activities across the company.

• Support compliance efforts including audits, regulatory reviews, and security assessments.

• Build and improve internal tools to make secure development easier and prevent insecure code from shipping.

• Maintain and evolve automation test frameworks to improve security testing reliability and efficiency.

• Collaborate with developers to design and automate targeted security testing strategies.

• Work closely with engineering teams to identify, troubleshoot, and resolve security issues in development and test environments.

Qualifications:

Required:

• 2 years of application or product security experience.

• Bachelor’s or Master’s degree in Computer Science, Engineering, Information Security, or equivalent work experience.

• Experience thinking critically about or integrating AI into workflows, tooling, or decision-making (e.g., AI-powered tools, automated insights, or GenAI platforms).

• Demonstrated hands-on experience with: Identifying and resolving OWASP Top 10 vulnerabilities, Threat modeling in Agile environments, Security Verification Standards, Authentication and authorization schemes.

• Experience with automation using scripting languages (e.g., Python, JavaScript).

• Experience with data structures, algorithms, object-oriented design, design patterns, with security consideration.

• Strong grasp of web and mobile application security techniques, threat modeling, and secure coding practices.

• Understanding of vulnerabilities and risk in GenAI/AgenticAI platforms.

• Ability to evaluate and triage results from SAST and DAST tools, perform risk assessments, and guide remediation efforts.

• Strong analytical skills and ability to communicate with both technical and non-technical stakeholders.

• Proactive mindset toward learning and adopting emerging technologies, tools, and frameworks to drive innovation.

Company:

ServiceNow is an AI platform that delivers IT operations, field service management, and app engine solutions. Founded in 2004, the company is headquartered in Santa Clara, California, USA, with a team of 10001 employees. The company is currently Public Company. ServiceNow has a track record of offering H1B sponsorships.