Staff Software Engineer - Product Security

ServiceNow
Petah Tikva, Posted 9 March 2026

Job Description

ServiceNow’s Product Security organization is building a dedicated Security R&D function — a software engineering team that builds security capabilities with the same engineering rigor as ServiceNow’s product organization. We are looking for a Staff Security Engineer to be a core contributor on this team.

Security R&D operates in two complementary modes: open contribution to product engineering — writing code alongside product teams where security expertise adds value — and developing its own security capabilities, including internal tooling, externally facing product features, AI-powered security automation, and third-party integrations.

This is a new team being stood up in Petah Tikva, Israel, co-located with ServiceNow’s AI Security Research team. You will help shape the team’s engineering practices and technical foundation from day one. This role reports to the Sr. Engineering Manager, Security R&D.

What You Will Do

Build Security Capabilities

- Design and develop security tooling, automation, and platform services that operate at ServiceNow’s enterprise scale.
- Contribute code directly into ServiceNow product engineering codebases, embedding security capabilities where they have the highest impact.
- Build AI-powered security automation by integrating in-house models and third-party services into production workflows.
- Leverage ServiceNow’s platform — Agent Framework runtime, ACL enforcement, data layer, and workflow engine — to create security capabilities that external vendors cannot match.

Collaborate Across Teams

- Work closely with the AI Security Research team on tooling for AI agent security, translating research insights into production-grade engineering.
- Partner with product engineering teams during open contribution engagements, earning trust through code quality, reliability, and delivery.
- Participate in design reviews, code reviews, and architecture discussions, contributing to the team’s technical standards and engineering culture.

Grow with the Team

- Help define engineering best practices as a founding member of the Security R&D team.
- Contribute to hiring and onboarding as the team scales, helping maintain the engineering bar.
- Stay current on emerging AI/ML technologies and security threats, bringing new ideas into the team’s roadmap.

To be successful in this role you have:

- 8+ years of professional software engineering experience building production systems at scale.
- Bachelor’s degree in Computer Science, Engineering, or a related technical field.
- Strong hands-on proficiency in Python and Java. You write production code daily and take pride in software craftsmanship.
- Solid foundation in distributed systems, cloud-native architectures, and building services that meet enterprise requirements for scalability, reliability, and performance.
- Experience working in collaborative engineering environments, contributing to shared codebases with high code quality standards.
- Interest in or exposure to security engineering concepts — application security, infrastructure security, identity systems, or trust & safety. A security mindset is valued; deep security expertise can be developed on the team.
- Curiosity about AI/ML and next-generation AI technologies. You don’t need to be an AI expert, but you should be excited about building at the intersection of security and AI.

Preferred

- Experience with security tooling development, SSDLC automation, or building security features into a product.
- Familiarity with container/Kubernetes environments, cloud security, or infrastructure-as-code.
- Exposure to AI/ML pipelines, LLM integration, or agentic frameworks.
- Experience in a SaaS or platform company building multi-tenant enterprise software.
- Experience working in a globally distributed engineering team.

What Makes This Role Unique

- Builder-led culture: Security R&D is defined by engineering output, not advisory reviews. We build production security capabilities with the same discipline as product engineerin ...