×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity AI Engineer (Applied/Software)

Security Engineer Security Operations Moveworks

Job in Mountain View, Santa Clara County, California, 94039, USA
Listing for: ServiceNow
Full Time position
Listed on 2026-06-17
Job specializations:
  • IT/Tech
    Cybersecurity, AI Engineer (Applied/Software)
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly USD 80000.00 100000.00 YEAR
Job Description & How to Apply Below
Position: Staff Security Engineer Security Operations Moveworks

Job Description

The Moveworks Security team at Service Now is not looking for a traditional SOC analyst to watch a dashboard. We are looking for a Staff Agentic Security Engineer
. Our ultimate goal is to automate the SOC out of existence through autonomous systems.

At the IC4 level, you will not just execute workflows; you will define the architectural framework for our AI-driven defense. You will treat the incident response lifecycle as an advanced engineering problem—experimenting with, designing, and orchestrating complex, multi‑agent frameworks and Model Context Protocol (MCP) systems that handle proactive threat hunting, triage, and remediation at machine speed. This is a role for a visionary engineer who wants to push the boundaries of what agentic AI can achieve in enterprise defense.

What

you get to do in this role

  • Building and AI Orchestration:
    Move beyond basic tool configuration to build, code, design and research advanced, framework‑level approaches for chaining MCP servers and AI agents. You will optimize agentic networks for maximum performance, multi‑step reasoning accuracy, and deterministic outcomes in high‑stress security scenarios.

  • Proactive Threat Hunting Program:
    Architect and scale a proactive threat hunting program from scratch. You will leverage custom agents, MCP capabilities, and security tooling to proactively discover complex vulnerabilities, configuration drift, and hidden threats across the infrastructure network.

  • Advanced Purple Team Synergies:
    Forge a cutting‑edge feedback loop between the Blue Team and our internally developed AI Red Team Agent. You will seamlessly bridge automated offense and defense, turning threat hunting insights into self‑healing infrastructure.

  • Cross‑Functional Influence & Leadership:
    Act as a strategic engineering partner across IT, Security Engineering, Dev Ops, Dev Sec Ops , Compliance, Cloud, and Infrastructure teams to ensure corporate systems are natively "automation‑ready."

  • E2E IR Automation Architecture:
    Own the overarching engineering roadmap for the end‑to‑end incident response lifecycle (Detection → Triage → Containment → Recovery), replacing traditional SOAR workflows with resilient, agentic orchestration.

  • Incident Commander Escalation:
    Serve as a high‑tier technical escalation point for active, complex incidents. Use every incident as an adversarial data point to design superior automated immune responses.

  • Validate the Defense:
    Design, execute, and validate automated simulation testing to systematically prove that agentic workflows and detection pipelines trigger reliably against real‑world attack behaviors.

Qualifications

  • U.S. Citizenship

    Required:

    (Must meet strict compliance/FedRAMP criteria).

  • Experience:

    8–10 years of experience in Security Operations, Systems Engineering, or Dev Sec Ops  (Minimum 5 years of highly relevant engineering experience required).

  • Cross‑Functional Mastery: 3–5 years of proven track record working closely across multidisciplinary teams including Cloud Infrastructure, Dev Ops, Dev Sec Ops , Compliance, and IT. Bonus points for direct collaboration experience with Product Security or Data Security teams.

  • AI & Agentic Fluency:
    Deep familiarity with modern LLM agent frameworks, including active research into their application, performance trade‑offs, and behavioral guardrails. You know how to deeply integrate LLMs, orchestrate custom MCP servers, and build autonomous technical workflows.

  • Automation Engineering:
    High proficiency in Python and software engineering principles. You have extensive past experience with traditional workflow engines and legacy SOAR tooling, giving you the context needed to successfully replace them with AI‑native alternatives.

  • Cloud & Infrastructure Depth:
    Strong, hands‑on architectural familiarity with AWS security ecosystems (IAM, Cloud Trail, Guard Duty) and containerized environments (Kubernetes/EKS).

  • FedRAMP & Trust Awareness:
    While an engineer first, you possess the communication skills and security compliance maturity to translate framework controls into automated, code‑driven evidence generation pipelines.

  • Team & Collaboration Dynamics: A high‑autonomy, high‑collaboration mindset.…

To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search