Director of Vulnerability Management
Company Description
ServiceNow is making the world of work, work better for people. Our cloud‑based platform and solutions deliver digital workflows that create great experiences and unlock productivity for employees and the enterprise. We're growing fast, innovating faster, and making an impact on our customers' and employees' lives in significant and important ways. With over 6,900 customers, we serve approximately 80% of the Fortune 500, and we're on the 2020 list of FORTUNE World's Most Admired Companies.®
We’re looking for people who are ready to jump right in and help us build on our incredible momentum, our diverse, engaged workforce, and our purpose to make the world of work, work better.
Learn more on Life at Now blog and hear from our employees about their experiences working at ServiceNow.
Job Description
ServiceNow is changing the way people work. With a service-orientation toward the activities, tasks and processes that make up day-to-day work life, we help the modern enterprise operate faster and be more scalable than ever before. We’re disruptive. We work hard but try not to take ourselves too seriously. We are highly adaptable and constantly evolving. We are passionate about our product, and we live for our customers. We have high expectations and a career at ServiceNow means challenging yourself too always be better.
This position leads the Vulnerability Management team at ServiceNow under the direction of the Sr. Director, Security Engineering. This highly visible position is critical to the success of the organization by providing high confidence in understanding the attack surface of ServiceNow’s infrastructure. Through this, mature and detailed capabilities are in place to move from discovery, to classification, to remediation, to verification of any vulnerability or configuration-based gaps.
Reducing the threat footprint to our organization is a key critical operational objective which sits squarely on the shoulders of this position. This person will have direct responsibility in leading a team of highly technical team members in the plan, build, and run of the Vulnerability Management function. Furthermore, this position will be directly responsible for operational aspects as they work between teams to ensure remediation with our partners in operations. Finally, they will be accountable to Executive Leadership team in the reporting and escalations of threats as they are posed to our infrastructure components.
Qualifications
- Hands-on experience with vulnerability management tools and strong technical understanding and experience assessing vulnerabilities and identifying weaknesses in multiple operating system platforms, database, and application servers.
- Strong written and verbal communication skills with the ability to collaborate through all parts of the business.
- High performance skillset which not only understands the threat spaces as it relates to risks, but also able to meet the technical challenge of communicating this out to our teams.
- Leadership skills which bring out the best in the team. This includes both direct leadership but also cross-functional capabilities.
- 8+ years in a vulnerability management program. Knowing not only how to assess vulnerabilities but also prioritize and drive remediation activities.
- Ability to communicate at the executive leadership levels. Understanding how to translate technical gaps to business risk is critical for communication in this role.
- Reporting gaps in a meaningful way that addresses a business risk as well as providing technical solutions to the operations teams in remediation is key.
- Experience in interacting with auditors and regulators.
- Experience in working across public cloud infrastructure.
- Experience in working with vulnerability scanning technologies at scale.
- Master’s degree in Cyber Security or relevant experience required.
- University degree, security certifications or equivalent experience required.
- US Federal clearance (or ability to obtain) recommended.
Additional Information
ServiceNow is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status or any other category protected by law.
If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact us at +1 (408) 501-8550, or [email protected] for assistance.
For positions requiring access to technical data subject to export control regulations, including Export Administration Regulations (EAR), ServiceNow may have to obtain export licensing approval from the U.S. Government for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by the U.S. Government.