Full Time_Servicenow_5+ Years

Role: Senior Security Engineer ServiceNow Security & Threat Modelling

Key Responsibilities:

• Drive security by design across ServiceNow initiatives through threat modelling and security design reviews.
• Implement and improve Secure Development Lifecycle (SDLC) practices.
• Manage and automate SAST/DAST tools (Checkmarx, Veracode, Burp, ZAP).
• Analyze scan results, perform risk assessments, and ensure timely remediation.
• Collaborate with engineering/DevOps teams to instill secure coding practices.
• Provide architectural guidance, vendor risk reviews, and document/report findings.
• Mentor teams on security tools, threats, and best practices.
• Stay updated on emerging security threats and compliance standards.

Mandatory Requirements:

• 6+ years in application/cloud security engineering.
• Strong expertise in threat modelling (STRIDE, PASTA, attack trees).
• Experience with security design reviews for enterprise apps/APIs.
• Hands-on with SAST/DAST tools.
• ServiceNow platform expertise (security architecture & app dev).
• Deep knowledge of OAuth, SAML, SSO, secure APIs, access control.
• Proficient in JavaScript/Python with strong troubleshooting skills.
• Excellent communication and risk explanation ability.

Preferred:

• Security certifications (CISSP, CEH, OSCP, CSSLP, ServiceNow CIS).
• Knowledge of cloud security (AWS/Azure/GCP), governance frameworks (ISO, SOC2, GDPR), incident response, and SIEM tools.Role & responsibilities

Preferred candidate profile