×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity

Senior Security Incident Commander | Security Org

Job in Santa Clara, Santa Clara County, California, 95053, USA
Listing for: ServiceNow
Full Time position
Listed on 2026-06-13
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 60000 - 80000 USD Yearly USD 60000.00 80000.00 YEAR
Job Description & How to Apply Below
Position: Senior Staff Security Incident Commander | Security Org

Company Description

It all started when engineer Fred Luddy wrote code that automated a tedious task for his coworker, Phyllis. That moment inspired Fred to build a company that could do that for everyone—freeing people from busywork so they could focus on meaningful work. Today, Service Now is the AI control tower for business reinvention. Our Service Now AI platform brings together any AI, any data, and any workflow—helping 85% of the Fortune 500® work smarter, faster, and better.

We're building an AI‑native culture where technology and talent are unstoppable together.

Job Description

The Service Now Security Organization (SSO) delivers world‑class, innovative security solutions to reduce risk and protect the company and our customers. We enable our customers to migrate their most sensitive data and workloads to the cloud, accelerating our business so that we are the most trusted SaaS provider. We create an environment where our employees are proud to work and can make a positive impact.

Service Now’s Security Incident Command (SIC) team is seeking an experienced senior security incident commander to join our fast‑growing team. This role will support the orchestration of incident response strategy and communications during critical information security‑related incidents.

About the SIC Team

The SIC team maintains and executes the Major Security Incidents (MSI) lifecycle within Service Now, including Preparation, Response, and Recovery. MSIs are our most challenging and impactful security incidents which pose active or heightened risk to the company and/or our customers.

Key value areas are preparing the company for MSIs through tabletop exercises (TTX), coordination of activity between many response workstream partners, maintenance and development of playbooks and procedures, tracking key MSI metrics and facts to keep everyone oriented, and communicating status, milestones, blockers, and critical decisions needed to senior management and executive stakeholders, including the CISO.

Responsibilities
  • Orchestrate response and remediation of incident response for highest criticality security events.
  • Take ownership and lead response to critical incidents within the company.
  • Establish and mature documentation surrounding protocols and procedures governing the security incident command team.
  • Prepare and deliver communications, including executive summaries and incident briefings, to key stakeholders during and after incident response.
  • Conduct rapid response, mitigation, and investigations on the highest priority cases impacting Service Now and user data.
  • Partner with the team members across multiple regions to drive response and investigations globally.
  • Organize and facilitate scenario‑based exercises to test and improve incident management and response strategies.
  • Maintain existing playbooks and procedures, as well as develop new ones, to further standardize SIC and its partners' responses when verifying MSIs.
  • Contribute to the organization and completion of Post‑Incident Reviews (PIRs) and Root Cause Analyses (RCAs) following major security incidents.
  • Identify new ways to simplify, integrate, automate and refine the major security incident process to better support internal and external stakeholders.
Qualifications
  • Experience in leveraging or critically thinking about how to integrate AI into work processes, decision‑making or problem‑solving.
  • 12+ years of total cybersecurity professional experience or similar experience with education.
  • 5–8+ years of deep domain expertise in incident response and/or incident management.
  • Experience leading or supporting complex security incidents to resolution end‑to‑end.
  • Excellent verbal and written communication skills (English).
  • Comfort communicating complex topics in a clear and concise manner to different tiers of audiences (highly technical, less technical, executives, practitioners).
  • Problem‑solving and decision‑making skills.
  • Ability to quickly and accurately assess a situation, identify and prioritize risks, and make sound decisions.
  • Familiarity with cybersecurity principles and frameworks (e.g., MITRE ATT&CK).
  • Knowledge across multiple security domains is a plus.
  • Experience…
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search