Director, Security Research & Development

**PLEASE NOTE**:  This role requires a minimum of 2 days per week in the Bay Area Service Now Offices.  If you cannot meet this requirement we ask that you please do not apply.  Thank you.

The ServiceNow Security Organization (SSO)

The ServiceNow Security Organization (SSO) delivers world-class innovative security solutions to reduce risk and protect the company and our customers. We enable our customers to migrate their most sensitive data and workloads to the cloud accelerating our business so that we are the most trusted SaaS provider. We create an environment where our employees are proud to work and can make a positive impact.

The Opportunity
ServiceNows Product Security organization is investing in a dedicated Security R&D function a software engineering team embedded within Product Security that builds security capabilities with the same rigor CI/CD discipline and quality standards as ServiceNows product engineering organization. We are looking for a Director to lead and scale this team.

Security R&D operates in two complementary modes. First through open contribution to product engineering writing code alongside and directly into product engineering efforts where security domain expertise adds value. Second by designing and developing its own security capabilities both internal tooling and externally facing product features including AI-powered security automation third-party integrations and platform-native security services.

A small US-based team is already in place. The Director will grow and reshape this team while simultaneously standing up a new engineering hub in Israel a strategic investment committed to by senior leadership. This is primarily a greenfield build: the technical vision team culture engineering identity and hiring bar are yours to define.  This role reports to the Senior Director of Product Security Engineering.

What Makes This Role Unique

• Builder-led culture: Security R&D is defined by engineering output not advisory reviews. We emphasize building production security capabilities with the same discipline as product engineering.
• Dual operating model: Your team both contributes directly to product engineering and develops its own security products and services a rare combination that requires deep engineering credibility and strong product instincts.
• Platform advantage: ServiceNow owns the entire stack runtime ACLs data layer workflow engine. You can build security capabilities that no external vendor can replicate.
• Global scope: Standing up the Israel hub is a strategic investment. You will shape a world-class engineering center from its inception with direct influence on its culture and technical direction.
• AI intersection: The role collaborates closely with AI Security on agent security tooling placing you at the frontier of securing AI systems at enterprise scale.

Build and Lead a Globally Distributed Engineering Team

• Scale the existing US-based Security R&D team and stand up a new engineering hub in Israel. Hire engineering managers senior engineers and architects across both sites.
• Establish the Israel hub as a high-performing engineering center. Hire local leadership define operating rhythms across time zones and travel regularly to build team cohesion and culture.
• Define the org structure team charters and technical ownership model across the US and Israel. Ensure seamless collaboration between sites.
• Set the hiring bar and engineering culture: this is a team of software engineers with deep security expertise not security consultants who happen to write code.

Drive Security Engineering at Platform Scale

• Lead the development of AI-powered automated security review capabilities integrating in-house models and third-party services to dramatically expand security review coverage across ServiceNows codebase.
• Drive open contributions to product engineering in security-critical areas embedding Security R&D engineers directly into product teams where their domain expertise accelerates delivery.
• Design and build Security R&Ds own capabilities security tooling automation and platform services both for internal consumption and as externally facing product features.
• Leverage ServiceNows unique platform advantages ownership of the Agent Framework runtime ACL enforcement data layer and workflow engine to build security capabilities that external vendors cannot replicate.
• Collaborate with the AI Security team on AI agent security tooling bringing software engineering discipline to securing AI systems at enterprise scale.
   

Operate as an Engineering Peer

• Represent Security R&D credibly to senior engineering leadership. This role demands a leader who is seen as a peer who ships production code not an advisor who reviews it.
• Partner with embedded product managers to define and execute the Security R&D roadmap balancing long-term platform investments with near-term delivery milestones.
• Build relationships across Product Securitys other functions to ensure Security R&D amplifies their impact through engineering.

Required

• Experience in leveraging or critically thinking about how to integrate AI into work processes decision-making or problem-solving. This may include using AI-powered tools automating workflows analyzing AI-driven insights or exploring AIs potential impact on the function or industry. 
• 20 years of progressive experience in software engineering and security spanning hands-on development through engineering leadership OR related experience and education
• Bachelors degree in Engineering Computer Science or a related technical field.
• Deep expertise across multiple security domains including application security infrastructure security identity and fraud prevention insider threat and trust & safety.
• 5 years of engineering management experience leading and scaling teams of 25 engineers including hiring managers and building leadership layers.
• Demonstrated track record of building engineering teams and capabilities from scratch (01) not only inheriting and optimizing existing organizations.
• Strong hands-on software engineering foundation with production experience in Python and Java. You started as a builder and never stopped thinking like one.
• Experience managing globally distributed engineering teams across multiple time zones and geographies including team buildouts in new locations.
• Enterprise-scale software engineering experience at a major SaaS cloud or technology company building systems that serve millions of users with high availability security and regulatory compliance requirements.
• Hands-on experience with AI/ML systems GenAI or Agentic AI technologies building integrating or securing them within enterprise products.
• Ability to operate as a credible engineering peer to VP and Sr. Director-level product engineering leaders holding your own in architecture reviews design discussions and roadmap negotiations.
   

Qualifications :

Preferred

• Experience in fraud prevention identity security regulatory compliance technology (OFAC FinCEN PCI SOX) or insider threat programs at a major SaaS or fintech company.
• Familiarity with enterprise security frameworks (NIST SSDLC) and practical experience translating compliance requirements into engineering solutions.
• Experience with container and Kubernetes security runtime security (e.g. Falco) OPA policy enforcement service mesh security or cloud-native security architectures (AWS preferred).
• Background building security capabilities that ship as part of a commercial product not only internal tooling.
• Experience with MLOps pipelines prompt engineering or agentic frameworks (e.g. LangChain LangGraph) in a production security context.
   

#SecurityJobs 

For positions in this location we offer a base pay of $240100 - $420200 plus equity (when applicable) variable/incentive compensation and benefits. Sales positions generally offer a competitive On Target Earnings (OTE) incentive compensation structure. Please note that the base pay shown is a guideline and individual total compensation will vary based on factors such as qualifications skill level competencies and work location. We also offer health plans including flexible spending accounts a 401(k) Plan with company match ESPP matching donations a flexible time away plan and family leave programs. Compensation is based on the geographic location in which the role is located and is subject to change based on work location.

Additional Information :

Work Personas

We approach our distributed world of work with flexibility and trust. Work personas (flexible remote or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work and their assigned work location. Learn more here. To determine eligibility for a work persona ServiceNow may confirm the distance between your primary residence and the closest ServiceNow office using a third-party service.

Equal Opportunity Employer

ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race color creed religion sex sexual orientation national origin or nationality ancestry age disability gender identity or expression marital status veteran status or any other category protected by addition all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements. 

Accommodations

We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process or are unable to use this online application and need an alternative method to apply please contact for assistance. 

Export Control Regulations

For positions requiring access to controlled technology subject to export control regulations including the U.S. Export Administration Regulations (EAR) ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities. 

From Fortune. 2025 Fortune Media IP Limited. All rights reserved. Used under license. 

Remote Work :

No

Employment Type :

Full-time