Senior/Principal Red Team Engineer | 31826

IT Remote, California Remote, United States


Job Title: Senior Red Team Engineer

Location: Remote, Canada or USA


The Senior through Principal Red Team Engineer is a critical contributor to ServiceNow's attack simulation and offensive security efforts. A successful Red Team engineer knows how to think like an attacker and is well versed with modern attack vectors, offensive strategy, and defense mechanisms.

Attack simulation in a large enterprise is an immense responsibility, as such the successful candidate should have a proven track record in leading complex campaigns in large mission-critical environments.

Duties and Responsibilities:

  • Assisting in the design, execution and reporting of Red Team campaigns at ServiceNow.
    • Creating adaptable and detailed attack plans.
    • Thoroughly documenting timelines of events and attack path narratives.
    • Meticulously documenting findings including all necessary information required to understand business impact, and enable the defensive teams (e.g. Blue Team and product engineering) to act upon them appropriately.
  • Focus on strong collaboration and partnership with:
    • Team peers, fostering mutual respect and team collaboration.
    • ServiceNow Blue Team to enable improvements to threat detection, response, and mitigation.
  • Act as a mentor to junior teammates and as a security leader within ServiceNow.
  • Provide security leadership by communicating and collaborating across the organization with internal security teams, product engineering, I.T. and other teams as needed.
  • Develop a broad and deep technical understanding of ServiceNow services and products

A successful candidate will have:

  • 8 or more years of experience attacking and defending corporate networks.
    • Demonstrated successful track record in a Red Team position
    • Experience attacking environments with next-gen antivirus (NGAV) or endpoint detection and response (EDR) agents.
    • Experience performing social engineering, physical security, and application security reviews.
  • Strong understanding of operational security concepts
  • Adept in messaging highly technical security findings to product engineering and executive leadership.
  • Proficient in scripting and programming languages, for example:
    • C#, C, Java, JavaScript, Objective C, Python, Rust, Go, bash and PowerShell.
  • Expert in *nix, Mac OS, and Microsoft Windows operating systems, including:
    • Experience developing covert C2 payloads
    • Understanding of forensic footprint or IOCs left by commons tactics, techniques and procedures
  • Shown industry leadership. For example:
    • Presented novel material at information security conferences
    • Developed open source security tooling
    • Other extra-curricular contributions to the security community

ServiceNow is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, national origin, age, disability, gender identity, or veteran status. If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact us at for assistance.