Senior Information Security Analyst

It all started in sunny San Diego, California in 2004 when a visionary engineer, Fred Luddy, saw the potential to transform how we work. Fast forward to today — ServiceNow stands as a global market leader, bringing innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500. Our intelligent cloud-based platform seamlessly connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work. But this is just the beginning of our journey. Join us as we pursue our purpose to make the world work better for everyone.

The ServiceNow Security Organisation is dedicated to delivering world-class, innovative security solutions that minimize risk and protect both our company and our customers. By enabling the secure migration of sensitive data and workloads to the cloud, we help accelerate ServiceNow's position as the most trusted SaaS provider in the industry.

About the Team – Global Security Support Center (GSSC) 

The Global Security Support Center (GSSC) at ServiceNow is a diverse and highly skilled team of security professionals who play a pivotal role in strengthening both our internal and external security posture. The team collaborates closely with various functions across the company and serves as a key interface with our customers on security-related matters.

Through expertise, communication, and a commitment to excellence, the GSSC team reinforces ServiceNow's reputation as a security-first organization, consistently demonstrating our commitment to protecting our platform, our data, and our customers.

Responsibilities

• Represent security organization in customer-facing Security Incidents, cases, Security findings, tasks and questions and calls related to Security & Privacy.
• Own, triage, investigate and respond to security matters of ServiceNow platform, ensuring timely communication, resolution and enhance customer experience and processes.
• Act as the primary point of contact for all security-related matters in ServiceNow, supporting both internal and external stakeholders.
• Facilitate the efficient workflow/triage of security-related incidents/cases by collaborating with customers and other internal ServiceNow teams.
• Build and maintain a high level of customer trust and confidence through exceptional service and communication.
• Customer Outreach Communications on Security & escalation handling.
• Understand and deliver excellent capability maturity models to fine tune Security processes.
• Create and enhance documentation and processes to strengthen security maturity and operational excellence.
• Develop and deliver training/enablement programs on Security, for internal and external customers on security awareness and best practices.
• Develop AI Solutions for automating repetitive activities & design new solutions leveraging AI.
• Work with Legal on security/privacy-related matters & a global team spread across different time zones, so flexibility of times is required.
• Provide support and be available as a responsible resource for the On-Call rotation (weekends, public holidays and after hours) as rostered.

To be successful in this role you have

• Experience: A minimum of 5 years of professional experience in information security or application security roles.
• Certifications: Relevant certifications are highly preferred, including but not limited to:
  • Required: ServiceNow Certified System Administrator (CSA)
  • Preferred (Two or more): Azure AI Fundamentals, AWS Certified AI Practitioner, Offensive Security Web Assessor (OSWA), GIAC Web Application Penetration Tester (GWAPT), GIAC Security Essentials Certification (GSEC), GIAC Certified Incident Handler (GCIH), CISSP, CISM.
• Skills & Competencies
  • Technical Skills:
    • Solid understanding of cloud computing models and major hyperscaler cloud models.
    • Hands-on experience with using and understanding security tools and technologies, including: SIEM solutions, logging tools, load balancers, firewalls, WAFs, IDS/IPS, vulnerability management platforms, encryption techniques etc.
    • Basic to Intermediate-level programming knowledge in Java/JavaScript with the ability to read, interpret & understand to explain code effectively.
    • Intermediate to Advanced proficiency in using web proxy tools for security testing and assessments.
  • Application Security: In-depth understanding of web application vulnerabilities (e.g., OWASP Top Ten) and corresponding mitigation strategies.
  • Risk Management: Ability to clearly explain security risks to non-technical stakeholders using straightforward, non-technical language.
  • Compliance & Regulatory Knowledge: Good knowledge of key compliance and regulatory frameworks including: NIST, CIS, GDPR, HIPAA, PCI DSS, ISO standards etc.
  • Artificial Intelligence: Experience working with AI technologies and designing AI-based solutions.
  • Analytical Thinking: Strong analytical and problem-solving capabilities, with the ability to evaluate and address complex security challenges.
  • Communication: Excellent verbal and written communication skills, with the ability to convey technical information to non-technical audience.
  • Team Collaboration: Demonstrated ability to thrive in a team-oriented, collaborative environment working in a follow the sun model.
  • Security Concepts: Good understanding of Security concepts and articulating Security and risk in simple terms without using jargons and make sense to customers.
• Education: Bachelor's degree in computer science or information security or relevant information security experience.
• Preferred Additional Experience: Hands-on experience with web-based vulnerability exploitation and experience is a strong plus to succeed in this role.

This Senior Information Security and Application Security Specialist role is an exciting opportunity to join a dynamic and forward-thinking company. If you have the skills, experience, and passion for ensuring the security and integrity of information systems, we invite you to apply and become part of the ServiceNow team.

Work Personas

We approach our distributed world of work with flexibility and trust. Work personas (flexible, remote, or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work and their assigned work location. Learn more here. To determine eligibility for a work persona, ServiceNow may confirm the distance between your primary residence and the closest ServiceNow office using a third-party service.

Equal Opportunity Employer

ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status, or any other category protected by law. In addition, all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements. 

Accommodations

We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process, or are unable to use this online application and need an alternative method to apply, please contact [email protected] for assistance. 

Export Control Regulations

For positions requiring access to controlled technology subject to export control regulations, including the U.S. Export Administration Regulations (EAR), ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities. 

From Fortune. 2025 Fortune Media IP Limited. All rights reserved. Used under license.