DevSecOps Engineer – Product Security at ServiceNow
Work matters. It’s where we spend a third of our lives. And the workplace of the future is going to be a great place. We’re dedicated to bringing that to life for people everywhere. That’s why we put people at the heart of everything we do.
People matter. Our people have a passion for learning, building, and innovating. Whether you’re an engineer, a sales professional, a finance professional, or anything in-between, our roles aim to provide each person with meaningful impact and plenty of space to grow.
Product Security is working at Shifting Left, allowing engineering teams and the company to be proactive with simplified integrated security testing. This paradigm shift benefits developers and ServiceNow by codifying security activities at scale into their build pipelines ensuring tool chains are easily automated with continuous monitoring and feedback.
As a member of the product security team, you will help ServiceNow with integration roadmaps for application security scanning toolchains. You will work closely with build engineering teams to deploy and maintain scalable containerized system images for application security toolchains.
What you get to do in this role:
- Build / maintain automations to assist on demand autoscaling services using Kubernetes and AWS
- Integrate vulnerability management into Jenkins build jobs and the ServiceNow ALM platform
- Support Security Champions Program relating to CI/CD integrations
In order to be successful in this role, we need someone who has:
- 3+ years of experience as a build engineer or developer. Including experience with dependency management tools (such as Maven and NPM) and CI/CD platforms (such as Jenkins)
- 2+ years of experience working knowledge of Cloud Infrastructure and formation templates (AWS required, Azure and GCP nice to have)
- 2+ years of Linux administration experience and package management (RPM)
- 1+ years of scripting experience (Groovy and Python)
- 1+ years of experience with Nexus or Artifactory
- Knowledge of Fortify SAST, component analysis and web application scanning tool chains a plus but not required
- Experience with functional testing frameworks such as Selenium, Geb / Spock a plus but not required
- BS in computer science or equivalent work experience
ServiceNow is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, national origin, age, disability, gender identity, or veteran status. If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact us at [email protected] for assistance.