Back to jobsApply
ServiceNow

As the AI platform for business transformation, we're putting AI to work across organizations — freeing people for work that matters. Making old tech work with new tech. Reaching across departments, from the front office to the back office and every office in between. Our ambition? To become the AI defining enterprise software company of the 21st century (or "AI DESCO21C," as we like to call it). With more than 8,100+ customers, we serve approximately 85% of the Fortune 500®, and we're proud to be a Fortune 100 Best Companies to Work For® and World's Most Admired Companies™. Explore your future career with us, visit www.servicenow.com/careers. From Fortune. ©2025 Fortune Media IP Limited. All rights reserved. Used under license.

Principal Software Engineer | DevSecOps | Product Security

Software EngineerSoftware EngineerFull TimeRemoteTeam 10,001+Since 2004H1B SponsorCompany SiteLinkedIn

Location

Washington

Posted

22 days ago

Salary

$240.1K - $420.2K / year

Bachelor Degree10 yrs expEnglishSastSecret DetectionDeep Code SearchSource Code SecurityAi/mlScaDastContainer ScanningIac ScanningCi/cdServicenowFlow DesignerScoped ApplicationsSemgrepCodeqlCheckmarxGitguardianTrufflehogDetect SecretsSnykDependabotGrypeKubernetesServerlessAWSAzureGCPStride

Job Description

Company Description It all started in sunny San Diego, California in 2004 when a visionary engineer, Fred Luddy, saw the potential to transform how we work. Fast forward to today - ServiceNow stands as a global market leader, bringing innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500®. Our intelligent cloud-based platform seamlessly connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work. But this is just the beginning of our journey. Join us as we pursue our purpose to make the world work better for everyone. Job Description **PLEASE NOTE, THIS ROLE REQUIRES A MINIMUM OF 2 DAYS A WEEK IN ANYONE OF OUR SERVICENOW OFFICES THROUGH THE U.S.....If you cannot commit to 2 days per week in a ServiceNow Office..........PLEASE DO NOT APPLY, THANK YOU VERY MUCH** The ServiceNow Security Organization (SSO) The ServiceNow Security Organization (SSO) delivers world-class, innovative security solutions to reduce risk and protect the company and our customers. We enable our customers to migrate their most sensitive data and workloads to the cloud, accelerating our business so that we are the most trusted SaaS provider. We create an environment where our employees are proud to work and can make a positive impact The DevSecOps team within Product Security is responsible for building, integrating, and operating resilient security services that protect the NOW platform, store applications, mobile applications, and internal services. We empower over 9,000 developers globally to build secure software by embedding automated security tools and services throughout the software development lifecycle. We are a collaborative and innovative team, driving a security-first culture through automation and continuous improvement. Role As a Principal Engineer on the DevSecOps team, you will lead the development, deployment, integration, and scale of security services to support SAST, Secret Detection, Deep Code Search, and other Source Code Security functions across ServiceNow. You will support Product Engineers and Product Management across hundreds of BUs and understand how security is an enabler to reduce product delivery cycle time and security risk. In addition, you will ensure our embedded security services provide the best developer experience with high fidelity findings and actionable remediation guidelines. Finally, you will lead the build of ServiceNow Apps and Services to support the Product Security Organization's security activities at scale and make the world of work, work better for all of us. What you get to do in this role: Use your software engineering expertise to engage in deep technical conversations with lead engineers across the company, balancing security risk prioritization with empathy for speed-to-market pressures. Clearly articulate and prioritize security risk to engineering peers and business unit leaders (VP/SVP level), exercising diplomacy in high-visibility situations and building metrics dashboards that resonate with both technical and executive audiences. Innovate with AI/ML technologies to proactively identify, prioritize, and remediate security risks at scale, applying intelligent automation to improve signal quality, reduce false positives, and accelerate secure software delivery. Lead the architecture and development of our next-gen source code security tools, including a suite of SAST, Secret detection, Code Search and other services to secure our platform, store applications, and cloud native services. You can see the forest through the trees and prioritize service development areas by risk and organizational readiness. Design and advocate for security service integrations at optimal points in the software development lifecycle, enabling developers to discover and remediate issues with zero friction. Coach and mentor team members in their personal and professional development, identify training opportunities, and seek diverse perspectives to continuously improve team capabilities. Create targeted security training and translate technical findings into actionable, practical guidance that makes secure-by-default choices easier than insecure ones for the entire engineering organization. Qualifications

Job Requirements

  • To be successful in this role you have:
  • Experience in leveraging or critically thinking about how to integrate AI into work processes, decision-making, or problem-solving. This may include using AI-powered tools, automating workflows, analyzing AI-driven insights, or exploring AI's potential impact on the function or industry.
  • 15+ years of software engineering experience with a proven track record of influencing and delivering high-impact projects across large organizations, and a demonstrated ability to reduce complex systems into maintainable solutions that less experienced engineers can operate with confidence.
  • Or similar experience in combination with education
  • Deep expertise in application security tooling and DevSecOps including 5+ years architecting, integrating, and operating security testing pipelines (SAST, secret detection, SCA, DAST, container/IaC scanning) with understanding of each tool class's strengths, limitations, false positive tuning, optimal SDLC placement, and risk-based policy enforcement.
  • Passion for security as an enabler-you believe security accelerates innovation when implemented thoughtfully and strive to create developer experiences that make security invisible and effortless.
  • Demonstrated ability to challenge conventional security approaches and evolve practices to meet the needs of modern, cloud native, high velocity engineering organizations.
  • Expert-level secure software development skills including secure architecture design, threat modeling (STRIDE or similar frameworks), security-conscious code review, secure API development, and polyglot programming capabilities across multiple languages and paradigms.
  • Proven ability to influence senior leadership and drive cross-functional collaboration with experience communicating security risk to VP/SVP-level stakeholders, making tough decisions under pressure, and building trust across engineering, product, and security organizations.
  • Strong foundation in distributed systems, CI/CD, and automation with experience designing secure, scalable distributed architectures, implementing security gates in continuous deployment pipelines, and building test automation frameworks that embed security validation throughout the SDLC.
  • Track record of coaching, training, and elevating organizational security capabilities through mentorship, creating targeted training programs, and translating complex security findings into practical secure-by-default guidance that empowers thousands of developers
  • Experience with security metrics, KPIs, and program maturity assessment including establishing meaningful metrics (MTTR, vulnerability density, coverage, escape rates), benchmarking against frameworks (BSIMM, SAMM), and translating technical findings into risk-quantified narratives for executive audiences.
  • Proficiency with AI-enabled security practices and generative AI security fundamentals including leveraging AI tooling to accelerate security workflows while maintaining critical evaluation of AI outputs and understanding both AI attack surfaces and adversarial AI use cases.
  • BS in computer science or equivalent work experience.
  • Nice to have:
  • Hands-on experience with modern security tooling such as Semgrep, CodeQL, or Checkmarx for SAST; GitGuardian, TruffleHog, or detect-secrets for secret detection; Snyk, Dependabot, or Grype for SCA; or equivalent tools in the application security ecosystem
  • ServiceNow platform and application development experience including familiarity with the NOW platform architecture, Scoped Applications, Flow Designer, or custom app development that would accelerate your ability to build native security services
  • Experience scaling security programs at high-growth technology companies with engineering organizations of 5,000+ developers, demonstrating patterns for balancing security rigor with developer velocity at scale
  • Security certifications such as CISSP, OSCP, CEH, CSSLP, or equivalent that demonstrate formal security training and commitment to the discipline
  • Open-source security contributions including contributions to security tools, vulnerability disclosures, security research publications, or active participation in security communities (OWASP, BSides, Black Hat, etc.)
  • Cloud-native security expertise with experience securing Kubernetes, containerized workloads, serverless architectures, or infrastructure-as-code in AWS, Azure, or GCP environments
  • #SecurityJobs
  • For positions in this location, we offer a base pay of $240,100 to $420,200, plus equity (when applicable), variable/incentive compensation and benefits. Sales positions generally offer a competitive On Target Earnings (OTE) incentive compensation structure. Please note that the base pay shown is a guideline, and individual total compensation will vary based on factors such as qualifications, skill level, competencies, and work location. We also offer health plans, including flexible spending accounts, a 401(k) Plan with company match, ESPP, matching donations, a flexible time away plan and family leave programs. Compensation is based on the geographic location in which the role is located and is subject to change based on work location.
  • Additional Information
  • Work Personas
  • We approach our distributed world of work with flexibility and trust. Work personas (flexible, remote, or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work and their assigned work location. Learn more here . To determine eligibility for a work persona, ServiceNow may confirm the distance between your primary residence and the closest ServiceNow office using a third-party service.
  • Equal Opportunity Employer
  • ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status, or any other category protected by law. In addition, all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements.
  • Accommodations
  • We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process, or are unable to use this online application and need an alternative method to apply, please contact globaltalentss@servicenow.com for assistance.
  • Export Control Regulations
  • For positions requiring access to controlled technology subject to export control regulations, including the U.S. Export Administration Regulations (EAR), ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities.
  • From Fortune. ©2025 Fortune Media IP Limited. All rights reserved. Used under license.

Related Job Pages

Remote Software Engineer Jobs in the USSoftware Engineer Jobs in WashingtonRemote Full-time Jobs (US)More US Remote Jobs

More Software Engineer Jobs

Director of Engineering

DaySmart

Our Software. Your Growth.

Software Engineer22 days ago
Full TimeRemoteTeam 201-500Since 2003H1B No Sponsor
Company SiteLinkedIn

Director of Engineering to lead software solutions for fitness businesses

AWSDjangoDockerKubernetesMicroservicesPythonSQL
View details: Director of Engineering
Arizona + 3 moreAll locations: Arizona, Michigan, Pennsylvania, Texas
$200K / year
Apply

Developer 2 – CDTF, CADS, DB

Jonas Software

Jonas Software is a leading provider of enterprise management software solutions, serving a wide range of vertical markets including hospitality, healthcare, construction, education, personal care, fitness, leisure, moving and legal services, to name a few. Jonas is comprised of over 65 distinct brands, each a respected leader in its domain. Jonas’ vision is to be the branded global leader across these verticals and to be recognized by customers and industry stakeholders as the trusted provider of “Software for Life.” Committed to technology, product innovation, quality, and exceptional customer service. Supports over 60,000 customers in more than 30 countries. Employs over 6,000 skilled professionals, including industry experts and technology specialists. Headquartered in Canada with a global footprint and offices around the world. A 100% owned subsidiary of Constellation Software Inc., based in Toronto, publicly listed on the TSX (CSU.TO), and a member of the S&P/TSX 60 Index.

Software Engineer22 days ago
Part TimeRemoteTeam 1,001-5,000H1B No Sponsor
Company SiteLinkedIn

Developer 2 supporting Core Data Transform Framework at Jonas Software

ASP.NETAzureSQL.NET
View details: Developer 2 – CDTF, CADS, DB
California
Apply

Senior Application IT Developer

Vericast

Reimagining marketing solutions one business-to-human connection at a time.

Software Engineer22 days ago
Full TimeRemoteTeam 5,001-10,000H1B No Sponsor
Company SiteLinkedIn

Application IT Developer supporting legacy systems at Vericast

Apache
View details: Senior Application IT Developer
Texas
$77K - $100K / year
Apply

Senior z/OS Communications Systems Programmer – ALC Specialist

DXC Technology

Delivering excellence for our customers and colleagues

Software Engineer22 days ago
Full TimeRemoteTeam 10,001+Since 2017H1B Sponsor
Company SiteLinkedIn

Senior IBM z/OS Communications Systems Programmer developing high-performance communication applications

TCP/IP
View details: Senior z/OS Communications Systems Programmer – ALC Specialist
Connecticut + 3 moreAll locations: Connecticut, New Jersey, North Carolina, Massachusetts
$105.5K - $195.9K / year
Apply