About the position
The ServiceNow Security Organization (SSO) delivers world-class, innovative security solutions to reduce risk and protect the company and our customers. We enable our customers to migrate their most sensitive data and workloads to the cloud, accelerating our business so that we are the most trusted SaaS provider. We create an environment where our employees are proud to work and can make a positive impact.
Responsibilities
- Assisting in the design, execution and reporting of Red Team campaigns at ServiceNow.
- Creating adaptable and detailed attack plans.
- Thoroughly documenting timelines of events and attack path narratives.
- Meticulously documenting findings including all necessary information required to understand business impact, and enable the defensive teams (e.g. Blue Team and product engineering) to act upon them appropriately.
- Focus on strong collaboration and partnership with team peers, fostering mutual respect and team collaboration.
- Collaborating with ServiceNow Blue Team to enable improvements to threat detection, response, and mitigation.
- Acting as a mentor to junior teammates and as a security leader within ServiceNow.
- Providing security leadership by communicating and collaborating across the organization with internal security teams, product engineering, I.T. and other teams as needed.
- Developing a broad and deep technical understanding of ServiceNow services and products.
Requirements
- Experience in leveraging or critically thinking about how to integrate AI into work processes, decision-making, or problem-solving.
- 12 to 15 or more years of experience attacking and defending corporate networks.
- Demonstrated successful track record in a Red Team position.
- Experience attacking environments with next-gen antivirus (NGAV) or endpoint detection and response (EDR) agents.
- Experience performing social engineering, physical security, and application security reviews.
- Strong understanding of operational security concepts.
- Adept in messaging highly technical security findings to product engineering and executive leadership.
- Proficient in scripting and programming languages, for example: C#, C, Java, JavaScript, Objective C, Python, Rust, Go, bash and PowerShell.
- Expert in *nix, Mac OS, and Microsoft Windows operating systems, including experience developing covert C2 payloads and understanding of forensic footprint or IOCs left by common tactics, techniques and procedures.
Nice-to-haves
- Shown industry leadership, such as presenting novel material at information security conferences, developing open source security tooling, or other extra-curricular contributions to the security community.
