Senior Director, Product Security

Zendesk

Lead and define product security vision at Zendesk while collaborating on AI-powered customer service solutions. Shape robust security strategies and build high-performing teams for scalable product security.

Posted 6/25/2026full-timeRemote • California, New York, Texas • 🇺🇸 United StatesSenior💰 $278,000 - $416,000 per yearWebsite

Tech Stack

Tools & technologies

CloudSDLC

About the role

Key responsibilities & impact

Set the Product Security Vision and Operating Model
Define and drive Zendesk’s product security strategy across our products, AI capabilities, platform services, APIs, integrations, and developer ecosystem.
Build a roadmap that reduces customer-impacting risk, improves engineering velocity, and establishes clear outcomes, metrics, and accountability.
Partner with leaders across Product, Engineering, AI, Infrastructure, Privacy, Legal, and GRC to align security priorities with business strategy and customer trust.
Lead with Technical Credibility
Serve as a senior technical authority on product security for SaaS, cloud-native, and AI-enabled systems.
Engage directly in high-risk architecture reviews, threat modeling, vulnerability analysis, and incident remediation decisions, helping teams make pragmatic trade-offs across identity, authorization, API security, encryption, tenant isolation, and secure design.
Build Secure-by-Design Systems
Shift product security from reactive review to secure-by-design engineering by driving reusable patterns, paved roads, automation, platform controls, and developer self-service.
Strengthen secure SDLC practices and improve security tooling coverage across code, dependencies, APIs, infrastructure as code, and CI/CD pipelines.
Secure AI and Agentic Product Surfaces
Partner with AI and product engineering teams to identify and mitigate risks in AI agents, copilots, LLM integrations, retrieval systems, and autonomous workflows.
Define secure design principles for authorization, action scoping, auditability, human oversight, data minimization, model/provider boundaries, and abuse prevention.
Own Product Vulnerability Management and Response
Own the full lifecycle of product vulnerability management and security response, from discovery and prioritization through remediation, validation, customer-impact assessment, and durable prevention.
Leverage automation and AI-assisted analysis to identify, triage, and remediate vulnerabilities across Zendesk codebases, while partnering on bug bounty reports, customer-reported issues, external penetration testing, and product security incidents.
Build and Develop a High-Performing Team
Lead, mentor, and grow a global high-performing Product Security team, including managers and senior technical ICs, with the technical depth, strategic judgment, and cross-functional influence needed to support Zendesk at scale.
Build a rigorous, pragmatic, inclusive culture that is trusted by Engineering and helps accelerate secure product delivery.
Communicate Risk Clearly
Translate complex technical risks into clear business, customer, and engineering trade-offs. Provide crisp metrics, trends, and recommendations to executive leadership, and support customer trust conversations, security reviews, RFPs, and enterprise escalations with credible product security expertise.

Requirements

What you’ll need

12+ years of experience across product security, application security, software engineering, security architecture, cloud security, offensive security, or related technical security roles, including 7+ years leading high-performing security or engineering teams.
Deep experience securing large-scale, cloud-native, enterprise, or AI-enabled products that handle sensitive customer data, operate in multi-tenant environments, and carry high customer trust expectations.
Strong product engineering credibility, with the ability to partner effectively with Engineering and Product teams and embed security into how software is designed, built, tested, deployed, and operated.
Hands-on technical depth across areas such as web and API security, authentication and authorization, identity systems, tenant isolation, cloud and container security, CI/CD, software supply chain security, secrets management, vulnerability management, secure SDLC, and incident response.
Demonstrated ability to lead or meaningfully contribute to threat models, architecture reviews, vulnerability triage, exploitability analysis, secure design decisions, and product security incident reviews.
Experience building secure-by-default patterns, developer tooling, platform controls, automation, and paved roads that scale security across engineering organizations without slowing product delivery.
Working knowledge of AI, LLM, and agentic security risks, including prompt injection, data leakage, tool abuse, unsafe autonomous actions, model and provider trust boundaries, RAG security, and guardrail design.
Strong executive communication skills, with the ability to translate technical risk into clear business impact, customer implications, trade-offs, and investment priorities.
A pragmatic, product-minded approach to risk, with a track record of protecting customers while helping teams ship securely and quickly.

Benefits

Comp & perks

Flexible work arrangements
Professional development

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

product securityapplication securitysecurity architecturecloud securityoffensive securityweb securityAPI securityvulnerability managementsecure SDLCincident response

Soft Skills

leadershipmentoringcommunicationstrategic judgmentcross-functional influencerisk translationteam buildingpragmatic approachcustomer trustcollaboration