Principal Outbound Product Security Manager

**PLEASE NOTE** This role has a minimum of 2 days per week in Santa Clara CA or San Diego CA offices requirement. If you are unable to come into the Santa Clara or San Diego Office for a minimum of 2 days per week please do not apply. Thank you. 

The ServiceNow Security Organization (SSO)    

The ServiceNow Security Organization (SSO) delivers world-class innovative security solutions to reduce risk and protect the company and our customers. We enable our customers to migrate their most sensitive data and workloads to the cloud accelerating our business so that we are the most trusted SaaS provider. We create an environment where our employees are proud to work and can make a positive impact  

The Opportunity 

ServiceNows Product Security organization is undergoing a fundamental transformationfrom reactive to proactive from reporting issues to delivering solutions. This role is critical to that transformation to bridge the gap between cutting-edge AI security challenges and practical implementable solutions that our engineering teams will actually adopt. 

This is not a traditional PM role. Youll need technical depth to earn credibility with skeptical engineers and product excellence to drive adoption without friction. 

The Challenge 

Our world-class engineering organization needs a security partner they can trustsomeone who understands their constraints speaks their language and brings solutions not just problems. Your technical depth must earn their trust while your product acumen drives adoption of security solutions that enhance rather than hinder developer productivity. 
 
Our Guiding Principles 

1. Protect the Brand: Reduce the impact of major security incidents. 
2. Enable the Business: Maintain and automate regulatory compliance (FedRAMP GDPR etc.). 
3. Secure by Default: Ship secure products with minimal friction for customers. 
4. Partner Seamlessly: Integrate security (shift left) without slowing down engineering. 

What Youll Do 

• Own the AI Security Product Strategy (40%) 
• Define and drive the product roadmap for securing agentic AI across internal systems and customer offerings 
• Balance emerging AI threats (prompt injection model extraction data poisoning) with implementation realities 
• Transform Red Team findings and security research into a prioritized data-driven backlog 
• Shift the narrative from security as tax to security as competitive advantage 

Be the Technical Authority (35%) 

• Lead architectural reviews with deep expertise in: 
  • Agentic AI frameworks (LangChain LangGraph) and their attack surfaces 
  • Authentication patterns for distributed AI systems (OAuth 2.0 OIDC MCP A2A protocols 
  • LLM vulnerabilities and practical mitigations 
• Provide hands-on guidance that minimizes friction while maximizing protection 
• Earn engineering trust through demonstrated technical depth not position or process 

Drive Cross-Functional Execution (25%) 

• Partner with Platform and Product Engineering PMs to embed AI security into development lifecycles 
• Define success metrics that balance security effectiveness with developer experience 
• Coordinate with Documentation Training and Professional Services for smooth rollouts 
• Engage key enterprise customers on their AI security requirements 

Qualifications :

To succeed in this role you have: 

• Experience in leveraging or critically thinking about how to integrate AI into work processes decision-making or problem-solving. This may include using AI-powered tools automating workflows analyzing AI-driven insights or exploring AIs potential impact on the function or industry. 
• 15 years in product management product ownership or technical product analysis within commercial software product companies. 
• 3-5 years focus on Security AI Security or GenAI 
• Hands-on experience with agentic AI frameworks and their security implications 
• Deep understanding of authentication/authorization protocols and emerging AI-specific patterns 
• Track record of shipping security products in collaborative cross-functional environments 
• Technical credibility - ability to read code review architectures and challenge technical decisions 

What Sets Great Candidates Apart 

• Experience at an AI Security startup or leading AI security at an enterprise company 
• Published research blog posts or conference talks on AI security 
• Security certifications that demonstrate depth (CISSP OSCP SANS GIAC) 
• Success turning skeptical engineering partners into security champions 
• Program management experience driving complex multi-team initiatives 

The Intangibles We Value 

1. Exceptional communication - can influence both senior engineers and executives 
2. Data-driven decision making with strong product instincts 
3. Comfortable with ambiguity in a rapidly evolving domain 
4. Builder mentality - more interested in shipping solutions than writing reports 

Our Four Guiding Principles 

Your work will directly support our transformation goals: 

1. Protect the Company: Reduce impact of major security incidents and protect ServiceNows brand reputation. 
2. Unlock Regulated Markets: Maintain and automate compliance with evolving government requirements (FedRAMP GDPR EU AI Act) 
3. Delight Customers: Ship secure-by-default  products that protect customer data without adding complexity to their experiencesecurity that just works. 
4. Empower Engineering:  Partner seamlessly with development teams shifting security left while enhancing (not hindering) developer productivity through low-friction tools and processes. 
    

Why This Role Matters 

Youll shape how thousands of enterprises secure their AI implementations while working with industry-leading security researchers and engineers. This high-visibility role reports to the Sr. Director of Product Security Engineering and offers the opportunity to define the future of enterprise AI security. 

If youre equally comfortable debating threat models with security researchers and roadmap priorities with VPs of Engineeringand you thrive in turning technical complexity into elegant product solutionswe want to hear from you. 

#SecurityJobs 

Additional Information :

Work Personas

We approach our distributed world of work with flexibility and trust. Work personas (flexible remote or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work and their assigned work location. Learn more here. To determine eligibility for a work persona ServiceNow may confirm the distance between your primary residence and the closest ServiceNow office using a third-party service.

Equal Opportunity Employer

ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race color creed religion sex sexual orientation national origin or nationality ancestry age disability gender identity or expression marital status veteran status or any other category protected by addition all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements. 

Accommodations

We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process or are unable to use this online application and need an alternative method to apply please contact for assistance. 

Export Control Regulations

For positions requiring access to controlled technology subject to export control regulations including the U.S. Export Administration Regulations (EAR) ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities. 

From Fortune. 2025 Fortune Media IP Limited. All rights reserved. Used under license. 

Remote Work :

No

Employment Type :

Full-time