Sr. Dir., Product Security and AI

Senior Director, Product Security and AI ServiceNow is seeking a high energy, high EQ Security Leader who thrives in a highly cross-functional, rapid velocity environment. As a direct report to Vice President of Application Security, you'll have the opportunity to work with world-class security experts and cutting-edge technology to secure our product portfolio.  You will play a pivotal role in leading ServiceNow’s product security strategy, execution, and risk management initiatives.This senior leadership position is responsible for ensuring that security is embedded throughout the ecosystem and entire product development lifecycle, including design, development, testing, and deployment of ServiceNow’s products and services. You will collaborate closely with engineering, product management, core infrastructure, security operations, and executive leadership to ensure that the company's product security posture is industry leading.You will:Drive scaleTransform cultureDesign end-to-end global enterprise security solutions, technologies, and strategies across a broad set of security disciplines incorporating AI technologies.Design and implement an integrated security ecosystem blanket to deter, detect, defend, and respond to ServiceNow’s business impacting security, operational security, and risk issues.Responsibilities:Define and implement the long-term vision, strategy, and roadmap for product and application security aligned with company objectives and industry best practices.Lead efforts to integrate security into the Software Development Life Cycle (SDLC) and DevSecOps pipelines, ensuring that security is considered from inception through deployment.Take an adversary perspective to identify, prioritize, and mitigate vulnerabilities in our products across both pre- and post-production environments and establish clear processes for vulnerability management.Develop best-in-class security controls frameworks to enable new initiatives such as our Generative AI efforts.Manage, mentor, and grow a team of product security engineers and architects responsible for application security testing, vulnerability assessments, and code reviews.Foster a culture of innovation, collaboration, and continuous improvement within the product security organization.Partner with product management, engineering, and other relevant teams to ensure that security requirements are clearly defined and implemented within all product offerings.Work closely with legal and compliance teams to ensure product security meets regulatory requirements (e.g., GDPR, CCPA, and other industry-specific regulations).Lead the response to critical product security incidents, vulnerabilities, and threats, ensuring timely mitigation and communication to stakeholders.Oversee threat modeling, vulnerability scanning, and penetration testing to identify and mitigate risks in products and applications.Ensure that security risk assessments are conducted regularly and that remediation efforts are tracked and closed in a timely manner.Champion security best practices within the organization, driving awareness and education for product teams and stakeholders on secure coding practices and emerging threats.Represent product security efforts in customer-facing engagements, providing confidence to clients regarding our security posture.Stay current with emerging threats, vulnerabilities, and security technologies, and incorporate learnings into product security strategies.Drive research and adoption of new security technologies, methodologies, and tools to enhance product security capabilities.