Senior Red Team Security Engineer - Moveworks

Do you think like an attacker when evaluating defenses? Are you motivated by emulating real world adversaries against mature environments? Join Moveworks’s Red Team as we continue to expand and sharpen our adversary simulation capabilities.

Moveworks from ServiceNow is transforming how companies support their employees through AI. As a Senior Red Team Security Engineer, you will drive the next phase of our Red Team by executing high fidelity operations, modeling complex attack paths, and enhancing capabilities that reflect modern threat actors.

You will work closely with the Blue Team to conduct Purple Team exercises and validate detection and response. You will evolve tradecraft in social engineering, malware development, and command-and-control, while driving operational consistency and scale through custom tooling and infrastructure.

We’re looking for someone who leads through execution, brings strong technical instincts, and has a lasting impact on the team’s capabilities. You’ll take ownership of complex engagements, push into areas that require creativity and persistence, and consistently deliver high quality offensive work. You will also play a key role in raising the bar across the team by sharing knowledge, refining tradecraft, and helping others grow.

What you get to do in this role:

• Execute Red Team engagements by simulating advanced threat actors across a diverse attack surface, including enterprise endpoints, cloud infra, networks, and product/services.

• Build, maintain, and scale custom tools and infrastructure to support and automate Red Team operations.

• Develop sophisticated bypasses for security controls, such as Endpoint Detection and Response (EDR) and other monitoring solutions.

• Lead social engineering initiatives, including the design and execution of phishing, vishing, and smishing campaigns to test initial access vulnerabilities.

• Be a sparring partner with the SOC to test and improve detection and response capabilities.

• Stay at the forefront of the industry by researching emerging threats and continuously evolving your offensive security skillset.

• Design novel attack vectors and chain vulnerabilities creatively to achieve high-impact objectives.

• Maintain an attacker’s mindset with the depth to dive into detailed analysis when needed.

• Collaborate cross-functionally with Machine Learning, Search, Product, Infrastructure, Data, and Frontend teams to design and implement secure solutions.

• Empower teams to make informed security-related decisions by documenting and presenting findings to both technical and executive audiences.

To be successful in this role you have:

• 5+ years in Penetration Testing, Red Teaming, Vulnerability Research, and/or Application Security.

• 3+ years of experience in Python, JavaScript, Golang, and C/C++.

• Deep expertise in at least three of the following: macOS security, Linux security, Cloud security (AWS/GCP/Azure), Container security (Docker/Kubernetes), CI/CD pipeline security

• Experience automating parts of the attacker lifecycle using AI.

• Experience with Infrastructure as Code (IaC) tools like Terraform.

• Proven ability to build long-lasting relationships with various teams.

• Expert understanding of network security, application security, authentication, authorization, identity systems, encryption, and secure coding practices.

• Ability to write and present findings for both technical and non-technical teams, including executive management. 

• Strong curiosity about engineering disciplines outside of your immediate expertise and a constant desire to learn.

• Experience working in environments with compliance requirements like SOC2, HIPAA, ISO27001, FedRAMP, etc.

• BS or higher in Computer Science or a related field.

Work Personas

We approach our distributed world of work with flexibility and trust. Work personas (flexible, remote, or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work and their assigned work location. Learn more here. To determine eligibility for a work persona, ServiceNow may confirm the distance between your primary residence and the closest ServiceNow office using a third-party service.

Equal Opportunity Employer

ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status, or any other category protected by law. In addition, all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements. 

Accommodations

We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process, or are unable to use this online application and need an alternative method to apply, please contact globaltalentss@servicenow.com for assistance. 

Export Control Regulations

For positions requiring access to controlled technology subject to export control regulations, including the U.S. Export Administration Regulations (EAR), ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities. 

From Fortune. ©2025 Fortune Media IP Limited. All rights reserved. Used under license.