Sr. Dir., Product Security and AI

Company Description

It all started in sunny San Diego, California in 2004 when a visionary engineer, Fred Luddy, saw the potential to transform how we work. Fast forward to today — ServiceNow stands as a global market leader, bringing innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500®. Our intelligent cloud-based platform seamlessly connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work. But this is just the beginning of our journey. Join us as we pursue our purpose to make the world work better for everyone.

Job Description

Senior Director, Product Security and AI

ServiceNow is seeking a high energy, high EQ Security Leader who thrives in a highly cross-functional, rapid velocity environment. As a direct report to Vice President of Application Security, you'll have the opportunity to work with world-class security experts and cutting-edge technology to secure our product portfolio.  You will play a pivotal role in leading ServiceNow’s product security strategy, execution, and risk management initiatives.

This senior leadership position is responsible for ensuring that security is embedded throughout the ecosystem and entire product development lifecycle, including design, development, testing, and deployment of ServiceNow’s products and services. You will collaborate closely with engineering, product management, core infrastructure, security operations, and executive leadership to ensure that the company's product security posture is industry leading.

You will:

• Drive scale
• Transform culture
• Design end-to-end global enterprise security solutions, technologies, and strategies across a broad set of security disciplines incorporating AI technologies.
• Design and implement an integrated security ecosystem blanket to deter, detect, defend, and respond to ServiceNow’s business impacting security, operational security, and risk issues.

Responsibilities:

• Define and implement the long-term vision, strategy, and roadmap for product and application security aligned with company objectives and industry best practices.
• Lead efforts to integrate security into the Software Development Life Cycle (SDLC) and DevSecOps pipelines, ensuring that security is considered from inception through deployment.
• Take an adversary perspective to identify, prioritize, and mitigate vulnerabilities in our products across both pre- and post-production environments and establish clear processes for vulnerability management.
• Develop best-in-class security controls frameworks to enable new initiatives such as our Generative AI efforts.
• Manage, mentor, and grow a team of product security engineers and architects responsible for application security testing, vulnerability assessments, and code reviews.
• Foster a culture of innovation, collaboration, and continuous improvement within the product security organization.
• Partner with product management, engineering, and other relevant teams to ensure that security requirements are clearly defined and implemented within all product offerings.
• Work closely with legal and compliance teams to ensure product security meets regulatory requirements (e.g., GDPR, CCPA, and other industry-specific regulations).
• Lead the response to critical product security incidents, vulnerabilities, and threats, ensuring timely mitigation and communication to stakeholders.
• Oversee threat modeling, vulnerability scanning, and penetration testing to identify and mitigate risks in products and applications.
• Ensure that security risk assessments are conducted regularly and that remediation efforts are tracked and closed in a timely manner.
• Champion security best practices within the organization, driving awareness and education for product teams and stakeholders on secure coding practices and emerging threats.
• Represent product security efforts in customer-facing engagements, providing confidence to clients regarding our security posture.
• Stay current with emerging threats, vulnerabilities, and security technologies, and incorporate learnings into product security strategies.
• Drive research and adoption of new security technologies, methodologies, and tools to enhance product security capabilities.

Qualifications

Qualifications:

• 15+ experience leading a security application development engineering organization and securing the overall enterprise and security posture in a large-scale environment
• 12+ years of experience driving security product vision, design roadmaps, and digital design transformation and products.

• Subject matter expertise in cybersecurity within cloud, enterprise, and across industry platforms, including strategic and tactical security operations, security product solutions, and highly complex security programs.

• Strong influence and leadership skills including the ability to motivate and lead cross functional executive, management, and individual contributor teams independently.
• Experience with managing product lifecycle, including threat modeling, vulnerability management and end-of-life considerations In-depth knowledge of technology, security, risk, and compliance best practices.
• Demonstrated knowledge of zero trust concepts, enterprise systems, cloud solutions and IT/security technologies.
• Experience leading diverse, geographically distributed international teams
• Experience with ServiceNow products is a plus.
• Experience with advanced Generative AI technologies is a plus.
• Experience in designing in SaaS, PaaS, Cloud technologies
• Experience working with Agile teams in a high-growth environment. 
• Extensive experience in organization vision development, driving organization shift.
• Highly developed communication and presentations skills with a superior ability to effectively communicate complex concepts and issues to leadership teams in a highly compelling, persuasive, fact-based manner. 
• Highly skilled at working cross functionally with technology, engineering, and product teams to create, implement and evolve digital solutions for employee personas.
• Deep understanding of software architecture and proven ability to lead through influence and logical reasoning.
• BA/BS in Computer Science, Engineering, or equivalent experience; Masters preferred.  

We are passionate about our product and live for our customers. We are hungry and humble, but we have high expectations.  Joining ServiceNow is an opportunity to better yourself personally and professionally while solving real, 21st century enterprise computing challenges. 

Not sure if you meet every qualification? We still encourage you to apply! We value inclusivity, welcoming candidates from diverse backgrounds, including non-traditional paths. Unique experiences enrich our team, and the willingness to dream big makes you an exceptional candidate!

For positions in this location, we offer a base pay of $274,300 - $480,100, plus equity (when applicable), variable/incentive compensation and benefits. Sales positions generally offer a competitive On Target Earnings (OTE) incentive compensation structure. Please note that the base pay shown is a guideline, and individual total compensation will vary based on factors such as qualifications, skill level, competencies, and work location. We also offer health plans, including flexible spending accounts, a 401(k) Plan with company match, ESPP, matching donations, a flexible time away plan and family leave programs. Compensation is based on the geographic location in which the role is located and is subject to change based on work location.

Additional Information

Work Personas

We approach our distributed world of work with flexibility and trust. Work personas (flexible, remote, or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work. Learn more here.

Equal Opportunity Employer

ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status, or any other category protected by law. In addition, all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements. 

Accommodations

We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process, or are unable to use this online application and need an alternative method to apply, please contact globaltalentss@servicenow.com for assistance. 

Export Control Regulations

For positions requiring access to controlled technology subject to export control regulations, including the U.S. Export Administration Regulations (EAR), ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities. 

From Fortune. ©2024 Fortune Media IP Limited. All rights reserved. Used under license.