.svg)
ServiceNow
Staff Software Engineer - Security
Staff Software Engineer - Security at ServiceNow (Petah Tikva). Lead secure software development using SSDL practices. Requires 6+ AppSec years, threat modelling expertise, STRIDE/PASTA knowledge, OWASP mastery, cryptography skills. Benefits: PTO, 401k, 4-day week, visa sponsorship.
The Mothership
Senior
ServiceNow Role Type:
Application Developer
ServiceNow Modules:
DevOps
Predictive Intelligence
ServiceNow Certifications (nice to have):
Job description
Posted on:
November 14, 2025
As a Staff Software Engineer - Product Security on the ServiceNow SSDL team, you will collaborate with developers and software architects on highly technical solutions and help the organisation build secure and resilient software.
Requirements
- Developer-level proficiency in one or more languages - Python, Java, JavaScript, and Golang preferred
- 6+ years of experience in software security (AppSec)
- 3+ years of experience in threat modelling software applications and services
- Proficient in threat modelling methodologies such as STRIDE or PASTA and their applied use in fast-moving, iterative development lifecycles
- In-depth knowledge of common web application vulnerabilities (OWASP Top 10)
- Working knowledge of Machine Learning and taxonomies such as BIML that categorise known attacks on machine learning models
- In-depth knowledge of software design patterns and their security considerations
- In-depth knowledge of authentication and authorisation standards, including OAuth, OIDC, SAML, JWT, and PASETO
- Knowledge of symmetric and asymmetric cryptography, digital signatures, PKI, TLS, and cryptographic hash functions
Benefits
- Generous Paid Time Off
- 401k Matching
- Retirement Plan
- Visa Sponsorship
- Four Day Work Week
- Generous Parental Leave
- Tuition Reimbursement
- Relocation Assistance
Requirements Summary
6+ years of software security experience, 3+ years of threat modelling experience, and proficiency in threat modelling methodologies
