Senior Red Team Security Engineer - Moveworks

Do you think like an attacker when evaluating defenses? Are you motivated by emulating real world adversaries against mature environments? Join Moveworks’s Red Team as we continue to expand and sharpen our adversary simulation capabilities. Moveworks from ServiceNow is transforming how companies support their employees through AI. As a Senior Red Team Security Engineer, you will drive the next phase of our Red Team by executing high fidelity operations, modeling complex attack paths, and enhancing capabilities that reflect modern threat actors. You will work closely with the Blue Team to conduct Purple Team exercises and validate detection and response. You will evolve tradecraft in social engineering, malware development, and command-and-control, while driving operational consistency and scale through custom tooling and infrastructure. We’re looking for someone who leads through execution, brings strong technical instincts, and has a lasting impact on the team’s capabilities. You’ll take ownership of complex engagements, push into areas that require creativity and persistence, and consistently deliver high quality offensive work. You will also play a key role in raising the bar across the team by sharing knowledge, refining tradecraft, and helping others grow. What you get to do in this role: Execute Red Team engagements by simulating advanced threat actors across a diverse attack surface, including enterprise endpoints, cloud infra, networks, and product/services. Build, maintain, and scale custom tools and infrastructure to support and automate Red Team operations. Develop sophisticated bypasses for security controls, such as Endpoint Detection and Response (EDR) and other monitoring solutions. Lead social engineering initiatives, including the design and execution of phishing, vishing, and smishing campaigns to test initial access vulnerabilities. Be a sparring partner with the SOC to test and improve detection and response capabilities. Stay at the forefront of the industry by researching emerging threats and continuously evolving your offensive security skillset. Design novel attack vectors and chain vulnerabilities creatively to achieve high-impact objectives. Maintain an attacker’s mindset with the depth to dive into detailed analysis when needed. Collaborate cross-functionally with Machine Learning, Search, Product, Infrastructure, Data, and Frontend teams to design and implement secure solutions. Empower teams to make informed security-related decisions by documenting and presenting findings to both technical and executive audiences. To be successful in this role you have: 5+ years in Penetration Testing, Red Teaming, Vulnerability Research, and/or Application Security. 3+ years of experience in Python, JavaScript, Golang, and C/C++. Deep expertise in at least three of the following: macOS security, Linux security, Cloud security (AWS/GCP/Azure), Container security (Docker/Kubernetes), CI/CD pipeline security Experience automating parts of the attacker lifecycle using AI. Experience with Infrastructure as Code (IaC) tools like Terraform. Proven ability to build long-lasting relationships with various teams. Expert understanding of network security, application security, authentication, authorization, identity systems, encryption, and secure coding practices. Ability to write and present findings for both technical and non-technical teams, including executive management.  Strong curiosity about engineering disciplines outside of your immediate expertise and a constant desire to learn. Experience working in environments with compliance requirements like SOC2, HIPAA, ISO27001, FedRAMP, etc. BS or higher in Computer Science or a related field. Work Personas We approach our distributed world of work with flexibility and trust. Work personas (flexible, remote, or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work and their assi ... (truncated, view full listing at source)