ServiceNow Security & Threat Modelling

Posted on September 10, 2025

Apply Now

Job Description

  • ServiceNow Security & Threat Modelling
  • REMOTE
  • Qualifications
  • Minimum 6 years experience in application or cloud security engineering, with a
  • consistent focus on secure design and risk reduction.
  • Demonstrable expertise in threat modelling frameworks and methodologies (e.g.,
  • STRIDE, PASTA, attack trees).
  • Strong background in security design review for enterprise web applications,
  • APIs, and integrations.
  • Hands-on, production experience with SAST and DAST tools�setup,
  • configuration, analysis, and remediation (examples: Checkmarx, Veracode, Burp
  • Suite, OWASP ZAP, etc).
  • Mandatory hands-on experience working with ServiceNow�s platform, security
  • architecture, and application development ecosystem.
  • Strong troubleshooting and analytical skills to trace security bugs through
  • complex, distributed systems.
  • A passion for security, personal integrity, and a strong commitment to protecting
  • customer data and privacy.
  • Skilled communicator able to convey technical risk clearly to engineers and
  • management alike.
  • Required Technical Qualifications
  • Extensive ServiceNow technical experience, including security configuration,
  • platform administration, and integration patterns.
  • Proven expertise in security testing and automation for enterprise and cloud-
  • native applications.
  • Deep understanding of authentication/authorization protocols (OAuth, SAML,
  • SSO), secure API design, and access control implementation.
  • Working knowledge of scripting/programming languages commonly used in
  • ServiceNow and web development (JavaScript, Python, etc).
  • Strong grasp of modern web application architecture, common attack vectors,
  • and industry standards (OWASP, NIST).
  • Exposure to or experience with secure CI/CD pipelines, integrating security tools
  • as part of automated workflows.
  • Preferred Qualifications (Nice to Have)
  • Industry certifications such as CISSP, CEH, OSCP, CSSLP, or ServiceNow
  • Certified Implementation Specialist.
  • Experience conducting code and architecture reviews for SaaS or large-scale
  • enterprise systems.
  • Familiarity with security governance, compliance frameworks (ISO27001/2,
  • SOC2, GDPR), and privacy impact assessments.
  • Experience with infrastructure security, cloud security (AWS/Azure/GCP), or
  • hybrid architectures.
  • Knowledge of incident response, digital forensics, or penetration testing
  • methodologies.
  • Experience with security monitoring, alerting, and integration with SIEM tools.

Required Skills

servicenow security & threat modelling