Security Manager | Site Reliability (SRE) | DevSecOps

Job Description

**PLEASE NOTE:  This role requires someone to be in the San Diego ServiceNow offices.  Days are Flexible, typically 2 to 3 days per week

The ServiceNow Security Organization (SSO)

The ServiceNow Security Organization (SSO) delivers world-class, innovative security solutions to reduce risk and protect the company and our customers. We enable our customers to migrate their most sensitive data and workloads to the cloud, accelerating our business so that we are the most trusted SaaS provider. We create an environment where our employees are proud to work and can make a positive impact

The Team

The DevSecOps team within Product Security is responsible for building, integrating, and operating scalable security services that protect the NOW platform, store applications, mobile applications, and internal services.  We empower over 8k developers globally to build secure software by providing resilient automated security tools and services. We are a collaborative and innovative team, driving a security-first culture through automation and continuous improvement.

Role

We are seeking a dynamic and experienced SRE Manager to lead the Site Reliability Engineering (SRE) efforts for the DevSecOps team. Your focus will be on ensuring the operational excellence, security, reliability, performance, and cost optimization of our security services, enabling the DevSecOps team to shift left security findings and proactively mitigate product risks.  You will work closely with two other Service Development Managers that are responsible for the development of SAST, Secret Management, SCA, Container Security, AI Model Security, and service integrations into the SDLC.

As the SRE Manager, you will supervise a team that drives operational excellence, security, reliability, performance, and cost optimization of our security services.  You will enable 8k developers to reliably shift left security findings and proactively mitigate product risks.  You’ll work closely with the Service Development team and a Product Owner to set goals, coordinate/monitor/report on service cost, reliability, performance, security and operational excellence.  In addition, you’ll partner with peer Product Security groups such as Global Security Testing, Research, PSIRT, and Secure Software Development to understand opportunities for workflow automation using ServiceNow.

What you get to do in this role

• Develop and implement the SRE strategy for DevSecOps tools and services, aligning with the organizations OKRs and Product Security goals.

• Build, mentor, and lead a high-performing team of SREs specializing in scaling highly integrated security services.

• Foster a culture of collaboration, ownership, learning, and continuous improvement.

• Manage staffing, budget, tools, workload, task prioritization, and resource allocation for the team.

• Ensure the reliability, availability, and performance of product security tools and services by defining and enforcing SLOs.

• Oversee the design, implementation, and maintenance of monitoring and alerting systems to proactively identify and address potential issues.

• Monitor the performance, availability, cost, and security of these services, identifying bottlenecks and driving improvements.  Drive visibility through reporting and dashboards.

• Manage service cost optimization strategies to provide the highest value security services at the lowest cost.

• Lead incident response efforts, drive blameless postmortems, and implement improvements to prevent recurrence.

• Drive automation initiatives to reduce toil, improve operational efficiency, and enable faster deployments.

• Collaborate with service development managers, engineers, and other stakeholders to ensure smooth operations and alignment on reliability goals.

• Establish processes for Service Readiness and Change Management for review and agreement with Service Development Team.

• Drive capacity management processes to ensure systems can scale to meet future demand by forecasting capacity needs and implementing appropriate scaling strategies.

• Communicate SRE progress, impact, risks, and challenges to Senior Management, Stakeholders, and peer Service Development Managers.

Qualifications

Qualifications

• Experience in leveraging or critically thinking about how to integrate AI into work processes, decision-making, or problem-solving. This may include using AI-powered tools, automating workflows, analyzing AI-driven insights, or exploring AI’s potential impact on the function or industry.

• 6+ years of experience leading SRE or DevSecOps teams with a focus on service operations, quality, automation, security, cost, and support.

• Strong understanding of SRE principles and practices, including SLOs, SLIs, and SLAs.

• Experience scaling operations for SAST, Secret Management, SCA, or Container Security.

• Strong verbal communication skills and demonstrated ability to partner with teams across the company to deliver high impact outcomes

• Extensive experience with cloud native platforms (e.g., AWS, Azure, GCP) and containerization (e.g., Docker, Kubernetes).

• Proficiency in scripting languages (e.g., Python, Bash) and automation tools (e.g., Terraform, Ansible).

• Strong understanding of networking, security, and operating systems.

• Experience with monitoring and logging tools (e.g., Prometheus, ELK, Grafana, etc.).

• Excellent critical thinking skills to solve ambiguous problems.

• Strong written communication skills to deliver technical documentation and communicate technical concepts to both non-technical business users as well as technical stakeholders

• Provides useful real-time coaching and recommends development activities and stretch assignments to team

• Fosters an environment that encourages and enables the team to build skills and develop their careers

• Provides direction, delegates, and removes obstacles to get work done

• Experience managing security tool integrations into the ServiceNow platform and the SDLC.

• Bachelor's degree in Computer Science, Information Security, or a related field (Master's preferred).

Preferred Qualifications

• Experience working with development teams to shift left security.

• Experience with security automation and orchestration tools.

• Certifications in cloud platforms, SRE, or security (e.g., CISSP, CISM, AWS Certified Security).

• Experience with AI Model scanning.

• Experience with ServiceNow Development and/or Administration.

#SecurityJobs

For positions in this location, we offer a base pay of $155,800 to $272,700, plus equity (when applicable), variable/incentive compensation and benefits. Sales positions generally offer a competitive On Target Earnings (OTE) incentive compensation structure. Please note that the base pay shown is a guideline, and individual total compensation will vary based on factors such as qualifications, skill level, competencies, and work location. We also offer health plans, including flexible spending accounts, a 401(k) Plan with company match, ESPP, matching donations, a flexible time away plan and family leave programs.

Compensation is based on the geographic location in which the role is located and is subject to change based on work location.

Additional Information

Work Personas

We approach our distributed world of work with flexibility and trust. Work personas (flexible, remote, or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work. Learn more here.

Equal Opportunity Employer

ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status, or any other category protected by law. In addition, all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements.

Accommodations

We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process, or are unable to use this online application and need an alternative method to apply, please contact [email protected] for assistance.

Export Control Regulations

For positions requiring access to controlled technology subject to export control regulations, including the U.S. Export Administration Regulations (EAR), ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities.

From Fortune. ©2024 Fortune Media IP Limited. All rights reserved. Used under license.