Security Incident Communications Manager

Company Description
It all started in sunny San Diego, California in 2004 when a visionary engineer, Fred Luddy, saw the potential to transform how we work. Fast forward to today - ServiceNow stands as a global market leader, bringing innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500®. Our intelligent cloud-based platform seamlessly connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work. But this is just the beginning of our journey. Join us as we pursue our purpose to make the world work better for everyone.
Job Description
The ServiceNow Security Organization (SSO)
The ServiceNow Security Organization (SSO) delivers world-class, innovative security solutions to reduce risk and protect the company and our customers. We enable our customers to migrate their most sensitive data and workloads to the cloud, accelerating our business so that we are the most trusted SaaS provider. We create an environment where our employees are proud to work and can make a positive impact
Role Overview
The Security Incident Communications Manager, as part of our Security Incident Command team, is responsible for leading clear, timely, and accurate communications during high-pressure security incidents-helping protect ServiceNow's reputation, meet regulatory requirements, and keep stakeholders informed.
This role bridges security, legal, PR, and executive teams to craft incident-specific communication strategies, ensuring alignment, compliance, and a consistent voice across all audiences. The ideal candidate brings both strategic crisis communications expertise and the ability to execute swiftly in fast-moving situations.
Key Responsibilities
Incident Communications Leadership

• Develop & Maintain Communication Plans: Create and regularly update comprehensive communication playbooks for various security incident types, including data breaches, malware outbreaks, and physical security breaches.
• Coordinate with Incident Response: Partner closely with the incident response team to quickly gather facts, assess the situation, and determine the most effective communication approach.
• Manage Stakeholder Messaging:
  • Internal Employees: Share clear updates on incident status, potential risks, and recommended actions.
  • External Customers: Provide timely and transparent information on the incident's impact, mitigation steps, and resolution progress.
  • Public Relations (PR): Partner with the internal PR team to ensure they are briefed on incidents, equipped to handle media inquiries, and able to maintain consistent messaging publicly.
• Ensure Regulatory Compliance: Collaborate with the Security Legal team to ensure all communications align with GDPR, CCPA, and other relevant regulations.
• Document & Report: Maintain thorough records of all incident communication activities, including timelines, messages, approvals, and stakeholder feedback.
• Post-Incident Improvement: In partnership with the Security Incident Response team, lead after-action reviews to evaluate communication effectiveness and identify opportunities to refine playbooks and processes.

Essential Skills & Experience

• Experience in leveraging or critically thinking about how to integrate AI into work processes, decision-making, or problem-solving. This may include using AI-powered tools, automating workflows, analyzing AI-driven insights, or exploring AI's potential impact on the function or industry.
• Strong Organizational Skills: Proven ability to plan, organize, and execute complex communication plans under tight deadlines.
• Exceptional Communication Skills: Mastery in writing and verbal delivery, with the ability to distill complex, technical situations into clear, concise, audience-appropriate messaging.
• Crisis Management: Demonstrated success managing communications during high-stakes, high-pressure situations while maintaining sound judgment.
• Stakeholder Management: Skilled at building trust and collaboration with executives, legal teams, PR, security professionals, and other internal partners.
• Analytical Thinking: Ability to quickly assess incident facts, anticipate communication challenges, and create solutions in real time.
• Incident Response Knowledge: Understanding of security incident lifecycle-from detection to recovery-and how communications intersect at each stage.
• Technical Proficiency: Familiarity with security concepts and tools sufficient to accurately communicate technical information to non-technical audiences.

Qualifications
Qualifications

• Typically requires a minimum of 8 years of related experience; a Masters degree with 6 years; or a PhD with 3 years of experience in communications, including crisis communications and/or incident communications in a global, matrixed organization, or similar experience mixed with education.
• Proven track record of developing and executing communication strategies for security incidents or other corporate crises.
• Highly organized, self-motivated, and able to work independently while managing multiple priorities.
• Flexible, collaborative, and comfortable in a fast-paced environment.
• Is open, honest and direct but tactful and respectful in communications style and approach.

#SecurityJobs
Additional Information
Work Personas
We approach our distributed world of work with flexibility and trust. Work personas (flexible, remote, or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work and their assigned work location. Learn more here . To determine eligibility for a work persona, ServiceNow may confirm the distance between your primary residence and the closest ServiceNow office using a third-party service.
Equal Opportunity Employer
ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status, or any other category protected by law. In addition, all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements.
Accommodations
We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process, or are unable to use this online application and need an alternative method to apply, please contact [email protected] for assistance.
Export Control Regulations
For positions requiring access to controlled technology subject to export control regulations, including the U.S. Export Administration Regulations (EAR), ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities.
From Fortune. ©2025 Fortune Media IP Limited. All rights reserved. Used under license.