Product Security Response Manager

As a Product Security Response Manager you will be responsible for managing a portion of PSIRTs global headcount. You will direct the daytoday activities of product security engineers you lead including processing root cause analysis of product security vulnerabilities reported as part of the bug bounty and responsible disclosure program vulnerability remediation collaboration with internal development teams research projects for reported vulnerability patterns and process improvements. As a Product Security Response Manager you will work with ServiceNows pool of talented external researchers (i.e. our bug bounty and responsible disclosure programs) to ensure they are equipped to succeed and mitigate uncoordinated disclosures. You will also make handson contributions to reducing security risks in ServiceNows products and services by partnering with other teams in the development and security organisations. 

Team:  

ServiceNows Product Security Incident Response Team (PSIRT) is dedicated to managing postrelease security vulnerabilities in ServiceNowdeveloped products. Our mission is to investigate respond and communicate product risk. PSIRT plays a core role as a strong subject matter expert to the company during major security incidents. PSIRT is responsible for the health and management of ServiceNows bug bounty and responsible disclosure programs. PSIRT owns the intake and triage of internally and externally reported product security vulnerabilities. PSIRT also conducts deepdive security research to discover related vulnerabilities consults and coordinates with internal development teams on the remediation of complex security issues and contributes lessons learned into educational workstreams. 

What you get to do in this role: 

• Serve as a people leader. 
• Serve as a project manager for PSIRTled research projects. 
• Oversee product security incidents small and large. 
• Stay updated on industry best practices including the CVE program and special interest groups. 
• Recommend and develop new product security policies and procedures. 
• Partner with key contacts outside of our department. 

Qualifications :

To be successful in this role we need someone who has: 

• An analytical mind for problem solving abstract thought and challenging product security problems and solutions. 
• Strong interpersonal skills (written and oral communication) and the ability to work collaboratively in a team environment both in realtime and asynchronously and remotely across ServiceNows regions. 
• Accountability and the ability to take feedback as a member of a continuous improvement culture. 
• Autonomy and ability to make practical decisions and recommendations in the face of uncertainty and imperfect information. 
• Flexibility in working hours is needed to assist with a global team and product security incident response. 
• Comfort with change as part of being on a growing team. 
• 2 years of experience managing or supervising individual contributors. 
• 5 years of experience working in a role focused on web application security. 
• B.S. Degree in Computer Science / STEM field or equivalent job experience. 
• Indepth experience with exploiting OWASP Top 10 application vulnerabilities such as deserialization and injection attacks. 
• Experience performing Threat Modelling and Penetration Testing. 
• Strong code reading comprehension and code tracing skills and experience performing source code reviews for security issues. 
• Experience in a fastpaced and demanding security environment. 
• Experience with bounty programs preferred.  

This is a very collaborative and inclusive work environment where individuals strong on aptitude and attitude will have an opportunity to grow their professional careers through working with some of the most advanced technology and talented developers in the business. 

Not sure if you meet every qualification We still encourage you to apply! We value inclusivity welcoming candidates from diverse backgrounds including nontraditional paths. Unique experiences enrich our team and the willingness to dream big makes you an exceptional candidate!

Additional Information :

Work Personas

We approach our distributed world of work with flexibility and trust. Work personas (flexible remote or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work. Learn more here.

Equal Opportunity Employer

ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race color creed religion sex sexual orientation national origin or nationality ancestry age disability gender identity or expression marital status veteran status or any other category protected by law. In addition all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements. 

Accommodations

We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process or are unable to use this online application and need an alternative method to apply please contact for assistance. 

Export Control Regulations

For positions requiring access to controlled technology subject to export control regulations including the U.S. Export Administration Regulations (EAR) ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities. 

From Fortune. 2025 Fortune Media IP Limited. All rights reserved. Used under license.