Staff Security Engineer | Security Configuration Management

Related keywords: scrum master remote jobdata engineer remote jobcompliance remote job

Overview of the Role

The Staff Security Engineer position is part of the ServiceNow Security Organization (SSO), which specializes in delivering innovative security solutions aimed at protecting the company's assets and its clients. This role is essential in ensuring secure configurations across various environments, contributing significantly to the organization's mission of mitigating risks associated with data migration and cloud services.

Key Responsibilities

In this role, you will lead the Security Configuration Management team, responsible for ensuring that the configuration across multiple platforms meets security standards. Your duties will include:

• Leading the implementation of secure configuration baselines across diverse environments, such as cloud platforms and containerized workloads.
• Integrating and optimizing tools aimed at scanning for vulnerabilities (such as Tenable, Wiz, Trivy) and evaluating new technologies to enhance security measures.
• Enhancing workflows for ServiceNow’s SecOps configuration compliance, along with improving reporting and data accuracy.
• Developing models for risk-based prioritization and creating remediation strategies in collaboration with cross-functional teams.
• Supporting the strategic objectives for AI-assisted configuration management, leading the future of automation and policy-driven remediation.

Required Skills and Experience

To be successful in the Staff Security Engineer role, you need the following qualifications:

• A minimum of 8 years of experience in configuration compliance or vulnerability scanning tools, such as Qualys or OpenSCAP, or possess a Bachelor’s degree in a related field (Computer Science, Engineering, etc.).
• Strong knowledge of Linux/Unix or Mac/Windows operating systems, and familiarity with secure hardening principles.
• Proficient in programming or scripting (such as Python, PowerShell, Java, or C) to automate processes and analyze data effectively.
• Hands-on experience with cloud environments including AWS, Azure, and Google Cloud. Additionally, experience with container platforms like Docker and Kubernetes is crucial.
• Understanding of various security frameworks (CIS Benchmarks, STIGs, PCI, NIST) and a well-rounded knowledge of infrastructure vulnerabilities and risk assessment methodologies.

Desired Skills and Certification

Candidates will stand out with the following skills or certifications:

• Experience in working with the ServiceNow platform, particularly its SecOps tools.
• Familiarity with Agile methodologies, including roles like Scrum Master or Product Owner, which will be beneficial in managing projects.
• Familiarity with data visualization tools like Power BI is a plus, alongside any relevant security certifications (such as CISSP, GSEC, Security+, CCSP).

Work Environment and Culture

ServiceNow promotes flexibility and trust among its employees, supporting various work personas that adapt to the nature of the job. Whether working remotely or in-office, the company's approach is centered around creating an inclusive and accessible environment where employees can thrive.

Impact of the Role

As a Staff Security Engineer, you will significantly influence how ServiceNow manages configuration risks at scale. You will have the opportunity to work with cutting-edge security tools, shape product direction, and collaborate seamlessly with diverse teams across engineering, security, and compliance. The ongoing advanced solutions, particularly in the realm of AI-enabled security, mean that your work will impact the future of the industry.

Application and Diversity

ServiceNow emphasizes its commitment to equal opportunity, ensuring that all qualified applicants have a fair chance regardless of their background. Furthermore, they are dedicated to creating an accommodating application process to assist individuals as needed.

Conclusion

This role presents an exceptional opportunity for seasoned security professionals with a passion for technology and security. If you are ready to be part of a forward-thinking company that is shaping the future of work through innovative security solutions, consider applying to ServiceNow as a Staff Security Engineer.

This job offer was originally published on himalayas.app