Senior Application Security Engineer - Moveworks

Company Description
Who we are
Moveworks is the Agentic AI Assistant platform that empowers the entire workforce.
Our platform enables employees to converse with all of their business systems through natural language to quickly find answers and automate tasks. Powered by the world's most advanced LLMs, our proprietary models, and a sophisticated Agentic AI platform, we're transforming how work gets done by allowing AI to take initiative, streamline complex workflows, and continuously learn and adapt.
Moveworks is trusted by over 5.5 million employees at more than 350 of the world's largest companies, including 10% of the Fortune 500, to automate everyday tasks and streamline business operations. Recognized on the Forbes Cloud 100 and AI 50 lists, Moveworks was also named one of Fast Company's 2025 Most Innovative Companies and Inc's Best in Business, in the Best in Innovation category. Moveworks was also recognized at Microsoft's 2025 Partner of the Year and in 2024, received the AI Breakthrough Award.
In December 2025, Moveworks was acquired by ServiceNow, marking a pivotal milestone in our journey to create a single front door to work for all business systems. By combining ServiceNow's leading workflow automation with Moveworks' Reasoning Engine and natural language capabilities, we deliver the AI platform for every person and every workflow. Built to go beyond basic summaries to deliver meaningful business impact. Together, our AI acts across enterprise systems to turn conversations into completed work.
By joining our team, you'll be at the forefront of the AI transformation, backed by the global scale of ServiceNow and the agility of a high-growth company. We are looking for world-class talent to help us extend agentic AI to every employee across every corner of the business.
Come join us!
ServiceNow
It all started in sunny San Diego, California in 2004 when a visionary engineer, Fred Luddy, saw the potential to transform how we work. Fast forward to today - ServiceNow stands as a global market leader, bringing innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500®. Our intelligent cloud-based platform seamlessly connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work. But this is just the beginning of our journey. Join us as we pursue our purpose to make the world work better for everyone.
Job Description
The Role
Are you interested in being part of Application Security efforts at Moveworks? Do you enjoy collaborating closely with engineers to develop secure solutions from the ground up and ensure they remain robust over time? Are you passionate about learning and mitigating risks on LLM and Agentic AI solutions at scale? If so, we have the perfect opportunity for you.
As a Security Engineer at Moveworks, you will focus on securing our AI infrastructure, platform, and features. Reporting directly to the Head of Application Security, you will be responsible for designing, implementing and executing security solutions and practices that enable our engineering teams to build secure infrastructure and features at scale.
We are working on cutting-edge solutions and safeguards so Large Language Models (LLMs) can be safely deployed in the enterprise. In this role to be successful, you will partner with machine learning, search, product, infrastructure, data, and full-stack teams to identify, define and build elegant security solutions. You'll drive design reviews and threat models, lead security code reviews and pentest efforts. You will also triage and address findings from SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) scans, as well as reports from our Bug Bounty program. This is an opportunity to play an integral role at the fastest-growing AI startup in its space.
What You Will Do

• Lead Security Reviews: Engage proactively in design discussions and data handling reviews to ensure security is integrated at every stage.
• Execute Penetration Testing: Carry out targeted penetration tests as part of security reviews for features deemed critical. Identify vulnerabilities and recommend strategies for risk mitigation. Develop and refine testing methodologies to effectively uncover and address security risks.
• Develop and Maintain AppSec Processes and Tools: Ensure our AppSec processes and CI/CD scanning tools are up-to-date and effective in identifying and mitigating vulnerabilities.
• Contribute to Application Security (AppSec) Program Enhancements: Play a key role in the continuous improvement of the Application Security program at Moveworks, focusing on effective security outcomes.
• Collaborate with Cross-Functional Teams: Partner with machine learning, search, product, infrastructure, data, and frontend teams to design secure solutions.
• Empower Teams on Security Matters: Enable teams to make informed security-related decisions.

Qualifications
To be successful in this role you have:

• US citizenship required
• 5+ years of experience in Application Security identifying security risks, developing mitigation plans, and implementing security features and solutions.
• 3+ years of experience in Penetration testing.
• 2+ years of experience with SAST, DAST, dependency scanning and vulnerability management tools like Snyk, GitHub Dependabot, Burp Suite.
• 2+ years of modern high-level programming language like Python, Golang or equivalent.
• Cloud Infrastructure: Hands-on experience with cloud-native security best practices across AWS, GCP, and/or Azure.
• Technical Knowledge: In-depth knowledge of application security, network security, authentication, authorization, identity systems, encryption, AI/LLM security and secure coding practices.
• Educational Background: BS+ in computer science or a related field, or equivalent relevant experience.

If you are passionate about application security and excited about the opportunity to make a significant impact at Moveworks, we encourage you to apply. Help us achieve our ambitious goals and maintain a high standard of security as we continue to grow and innovate in the AI space.
Additional Information
Work Personas
We approach our distributed world of work with flexibility and trust. Work personas (flexible, remote, or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work and their assigned work location. Learn more here . To determine eligibility for a work persona, ServiceNow may confirm the distance between your primary residence and the closest ServiceNow office using a third-party service.
Equal Opportunity Employer
ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status, or any other category protected by law. In addition, all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements.
Accommodations
We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process, or are unable to use this online application and need an alternative method to apply, please contact [email protected] for assistance.
Export Control Regulations
For positions requiring access to controlled technology subject to export control regulations, including the U.S. Export Administration Regulations (EAR), ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities.
From Fortune. ©2025 Fortune Media IP Limited. All rights reserved. Used under license.