Senior Information Security Analyst

About The ServiceNow Security Office  

The ServiceNow Security Organization is dedicated to delivering world-class innovative security solutions that minimize risk and protect both our company and our customers. By enabling the secure migration of sensitive data and workloads to the cloud we help accelerate ServiceNows position as the most trusted SaaS provider in the industry.

We are committed to fostering an environment where our employees feel empowered take pride in their work and have the opportunity to make a meaningful impact.

 About the Team Global Security Support Center (GSSC) 

The Global Security Support Center (GSSC) at ServiceNow is a diverse and highly skilled team of security professionals who play a pivotal role in strengthening both our internal and external security posture. The team collaborates closely with various functions across the company and serves as a key interface with our customers on security-related matters.

Through expertise communication and a commitment to excellence the GSSC team reinforces ServiceNows reputation as a security-first organization consistently demonstrating our commitment to protecting our platform our data and our customers.

GSSC Mission Statement: To provide external & internal facing security support on behalf of the Security Organization to improve our customers security posture and build Customer trust. 

Job Description 

Responsibilities on the role: 

• Represent security organization in customer-facing Security Incidents cases Security findings tasks and questions and calls related to Security & Privacy.
• Own triage investigate and respond to security matters of ServiceNow platform ensuring timely communication resolution and enhance customer experience and processes.
• Act as the primary point of contact for all security-related matters in ServiceNow supporting both internal and external stakeholders.
• Facilitate the efficient workflow/triage of security-related incidents/cases by collaborating with customers and other internal ServiceNow teams.
• Build and maintain a high level of customer trust and confidence through exceptional service and communication.
• Customer Outreach Communications on Security & escalation handling.
• Understand and deliver excellent capability maturity models to fine tune Security processes.
• Create and enhance documentation and processes to strengthen security maturity and operational excellence.
• Develop and deliver training/enablement programs on Security for internal and external customers on security awareness and best practices.
• Develop AI Solutions for automating repetitive activities & design new solutions leveraging AI.
• Work with Legal on security/privacy-related matters & a global team spread across different time zones so flexibility of times is required.
• Provide support and be available asa responsible resource for theOn-Call rotation (weekends public holidays and after hours) as rostered.

Qualifications :

To be successful in this role you have: 

• Experience: A minimum of 3-5 years of professional experience in information security or application security roles.
• Certifications: Relevant certifications are highly preferred including but not limited to:
  • Required: ServiceNow Certified System Administrator (CSA)
  • Preferred (Two or more): Azure AI Fundamentals AWS Certified AI Practitioner Offensive Security Web Assessor (OSWA) GIAC Web Application Penetration Tester (GWAPT) GIAC Security Essentials Certification (GSEC) GIAC Certified Incident Handler (GCIH) CISSP CISM.

Skills & Competencies

• Technical Skills:
  • Solid understanding of cloud computing models and major hyperscaler cloud models.
  • Hands-on experience with using and understanding security tools and technologies including: SIEM solutions logging tools load balancers firewalls WAFs IDS/IPS vulnerability management platforms encryption techniques etc.
  • Basic to Intermediate-level programming knowledge in Java/JavaScript with the ability to read interpret & understand to explain code effectively.
  • Intermediate to Advanced proficiency in using web proxy tools for security testing and assessments.
• Application Security: In-depth understanding of web application vulnerabilities (e.g. OWASP Top Ten) and corresponding mitigation strategies.
• Risk Management: Ability to clearly explain security risks to non-technical stakeholders using straightforward non-technical language.
• Compliance & Regulatory Knowledge: Good knowledge of key compliance and regulatory frameworks including: NIST CIS GDPR HIPAA PCI DSS ISO standards etc.
• Artificial Intelligence: Experience working with AI technologies and designing AI-based solutions.
• Analytical Thinking: Strong analytical and problem-solving capabilities with the ability to evaluate and address complex security challenges.
• Communication: Excellent verbal and written communication skills with the ability to convey technical information to non-technical audience.
• Team Collaboration: Demonstrated ability to thrive in a team-oriented collaborative environment working in a follow the sun model.
• Security Concepts: Good understanding of Security concepts and articulating Security and risk in simple terms without using jargons and make sense to customers.
• Education: Bachelors degree in computer science or information security or relevant information security experience.
• Preferred Additional Experience: Hands-on experience with web-based vulnerability exploitation and experience is a strong plus to succeed in this role.

At GSSC we pride ourselves on fostering a culture of inclusivity innovation and excellence. Our team and customers are at the heart of everything we do and we are committed to providing a supportive and engaging work environment. As an Information Security and Application Security resource in the region you will be an integral part of our mission to deliver secure and reliable solutions to our clients.

FD21

Additional Information :

Work Personas

We approach our distributed world of work with flexibility and trust. Work personas (flexible remote or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work and their assigned work location. Learn more here. To determine eligibility for a work persona ServiceNow may confirm the distance between your primary residence and the closest ServiceNow office using a third-party service.

Equal Opportunity Employer

ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race color creed religion sex sexual orientation national origin or nationality ancestry age disability gender identity or expression marital status veteran status or any other category protected by addition all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements. 

Accommodations

We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process or are unable to use this online application and need an alternative method to apply please contact for assistance. 

Export Control Regulations

For positions requiring access to controlled technology subject to export control regulations including the U.S. Export Administration Regulations (EAR) ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities. 

From Fortune. 2025 Fortune Media IP Limited. All rights reserved. Used under license. 

Remote Work :

No

Employment Type :

Full-time