Principal Security Architect

Company Description

It all started in sunny San Diego, California in 2004 when a visionary engineer, Fred Luddy, saw the potential to transform how we work. Fast forward to today — ServiceNow stands as a global market leader, bringing innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500®. Our intelligent cloud-based platform seamlessly connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work. But this is just the beginning of our journey. Join us as we pursue our purpose to make the world work better for everyone.

Job Description

About the role:

We are seeking a highly accomplished Principal Security Architect to lead the design and implementation of enterprise-wide security strategies. This role will be instrumental in securing our enterprise applications, AI-driven platforms (including AI Agents), and cloud environments against evolving cyber threats. The Principal Security Architect will partner with technology leaders, engineering teams, and business stakeholders to define security architecture standards, guide the adoption of emerging technologies, and provide solutions for the most complex security challenges.

Key Responsibilities:

Security Architecture & Strategy

• Define and own the enterprise security architecture for applications, AI/ML, AI Agents, data, and infrastructure.
• Establish security reference architectures, patterns, and frameworks to drive consistent adoption across the organization.
• Develop zero-trust security models, secure-by-design principles, and identity-centric security frameworks.
• Anticipate and design solutions for emerging threats in AI, cloud-native, and hybrid environments.

Enterprise Applications Security

• Architect secure application development practices, including secure coding standards, API security, and microservices security.
• Guide teams on secure integration patterns for SaaS, PaaS, and enterprise platforms.

Advanced AI & AI Agents Security

• Develop strategies to secure AI/ML pipelines (data ingestion, training, inference).
• Secure AI Agents by implementing:
  • Access control and identity verification for autonomous agents.
  • Protection against prompt injection, model manipulation, and impersonation attacks.
  • Guardrails for data access, least-privilege permissions, and secure API call orchestration.
  • Auditability and logging frameworks to track AI Agent decisions and actions.
• Apply confidential computing, secure enclaves, and federated learning to protect models and datasets.
• Establish responsible AI and AI Agent governance aligned with frameworks like NIST AI RMF, EU AI Act, ISO/IEC AI standards.

Cloud, Networking & Infrastructure Security

• Lead cloud security architecture across Azure, GCP, and hybrid environments.
• Architect secure solutions for Kubernetes, serverless, and containerized workloads.
• Apply IaC security controls and leverage cloud-native tools (CSPM, CWPP, CIEM).
• Architect network security solutions, including:
  • Firewalls, IDS/IPS, WAF, VPNs, and next-gen networking tools.
  • Secure segmentation and micro-segmentation for hybrid and multi-cloud environments.
  • Network observability and anomaly detection for intrusion prevention.
• Implement data encryption, key management, and certificate-based trust models at enterprise scale.

Security Tools & Operations

• Evaluate, integrate, and optimize best-of-breed security tools
• Mentor teams to adopt DevSecOps practices and shift security left in development pipelines.

Qualifications

• 15+ years of experience in security architecture, enterprise application security, and cloud security.
• Proven success in securing large-scale enterprise systems and regulated environments.
• Strong expertise in ServiceNow Security Operations and integrations.
• Deep knowledge of AI/ML security and AI Agent protection mechanisms.
• Extensive experience in network security and advanced defense tools.
• Expertise in cryptography, IAM, PKI, OAuth2.0, SAML, OIDC.
• Strong understanding of compliance frameworks (ISO 27001, NIST CSF, PCI-DSS, SOC2).
• Exceptional ability to communicate security risks and strategies to executives and engineers alike.

Preferred Skills

• Experience securing AI Agent ecosystems (multi-agent orchestration, agentic workflows).
• Advanced knowledge of network observability, DDoS protection, and secure traffic routing.
• Familiarity with AI/ML governance and adversarial defense.
• Hands-on with threat modeling methodologies (STRIDE, PASTA).

Emerging Technology Group

Emerging Technology Group (ETG) is ServiceNow’s Digital Technology (DT) internal incubation group. Being customer zero for ServiceNow products, we ensure the products work internally and deliver value as they reach customers. As Customer Zero, we implement all technology workflows and deliver the best experience.

With AI everywhere, we are responsible for AI Experiences that cut across the enterprise, such as Search, Conversational Interfaces, and Automation. We also help DT developers be productive in building enterprise-grade products on the ServiceNow Platform.

We are focused on accelerating innovations and developing new concepts, forward-thinking solutions, and products leveraging ServiceNow’s Intelligent Platform and the best industry standards.

If you enjoy learning, growing, and making an impact, you will love being in this role. You will get exposure to every facet of the enterprise and can make a meaningful impact on both the business and the people who work here. You will face new challenges and priorities every day, which can be invigorating and push the boundaries of your thought process.

About Digital Technology

We’re not yesterday’s IT department—we're Digital Technology. The world around us keeps changing, and so do we. We’re redefining what it means to be IT with a mindset centered on transformation, experience, AI-driven automation, innovation, and growth. We’re all about delivering delightful, secure customer and employee experiences that accelerate ServiceNow’s journey to becoming the defining enterprise software company of the 21st century. We love co-creating, using, and highlighting our own products to do it.

Ultimately, we strive to make the world work better for employees and customers—when you work in ServiceNow Digital Technology, you work for them.

Additional Information

Work Personas

We approach our distributed world of work with flexibility and trust. Work personas (flexible, remote, or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work and their assigned work location. Learn more here. To determine eligibility for a work persona, ServiceNow may confirm the distance between your primary residence and the closest ServiceNow office using a third-party service.

Equal Opportunity Employer

ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status, or any other category protected by law. In addition, all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements. 

Accommodations

We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process, or are unable to use this online application and need an alternative method to apply, please contact globaltalentss@servicenow.com for assistance. 

Export Control Regulations

For positions requiring access to controlled technology subject to export control regulations, including the U.S. Export Administration Regulations (EAR), ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities. 

From Fortune. ©2025 Fortune Media IP Limited. All rights reserved. Used under license.