Ready to be a Titan?
The Director, Product Security Engineering will be responsible for defining, building, and enforcing a secure paved road for product development, making secure design and delivery the default path for engineering teams. This includes establishing approved platforms, patterns, and tooling that embed security controls into everyday workflows so teams can move quickly without repeatedly solving the same security problems. The goal is to reduce risk through secure-by-default architecture, minimize friction between security and engineering, and ensure that deviations from the paved road are intentional, well understood, and reviewed. By doing so, the Director will help scale security across the organization while enabling teams to deliver high-quality products efficiently and confidently.
In this hands-on role, you will be the primary strategist, program owner, and leader. You will manage a growing team of high-performing engineers (Cloud Security & Application Security) and drive the cross-functional adoption of security-as-code principles. You will define the vision, manage the roadmap, drive operations and execution, and ensure we scale security without slowing down development velocity.
What you’ll do:
Strategy & Governance:
Program Vision: Define the long-term vision and technical strategy for the secure development pipeline, ensuring alignment with the overall R&D and business objectives.
Pipeline Governance: Oversee the unified strategy for our tooling ecosystem (GHAS, Wiz, Terra). You will ensure these tools act as automated checkpoints, providing fast, high-fidelity feedback loops for engineers.
Risk Management: Transform our vulnerability management from a "ticket queue" into a risk-based model. You will own the "Risk Acceptance" and "SLA Adherence" processes, ensuring timely focus on what matters.
Democratization & Culture:
Security Champions Program: Act as the strategic owner for the Security Champions Program. You will design the program structure, incentives, and operational logistics to democratize secure development across 80+ squads.
Just-in-Time Training: Oversee the strategy for contextual training campaigns. You will move us away from annual compliance videos to contextually relevant micro-trainings enabling our engineers to develop highly secure solutions.
Strong Partnership with Engineering: Build and sustain deep, trust-based partnerships with Engineering leaders and individual contributors to embed security into the software development lifecycle without creating friction or bottlenecks. You will operate as a force multiplier, enabling engineers to own security outcomes while providing clear structure, prioritization, and support.
Metrics & Accountability:
Squad Health Analytics: Operationalize tools and ticketing pipelines to generate and maintain "Squad Health" scores. You will use data to drive accountability.
KPI Tracking: Define and track key performance indicators (SAST/SCA remediation rates, Cloud Security Posture scores, Time-to-Fix) to measure the effectiveness of the "Secure Paved Road" and report risk reduction to executive leadership.
Leadership & Program Management:
Strategic Planning and Evolution: Translate the Product Security vision into an actionable, multi-year strategy and operating plan. You will continuously assess emerging risks, platform maturity, and engineering needs to evolve the secure paved road strategy over time, ensuring it remains aligned with business growth, technology shifts, and threat landscape changes.
Team Leadership: Lead, mentor, and grow a team of high-performing Product Security Engineers, fostering a culture of ownership, accountability, and automation. You will develop leaders within the team and ensure clear ownership across AppSec and CloudSec domains.
Operational Excellence: Own the end-to-end operational model for product security work, including intake, prioritization, and execution. You will use data from vulnerability pipelines and incidents to identify systemic gaps and drive strategic investments that reduce recurring risk and manual effort.
Execution and Reporting: Ensure strategic initiatives are delivered predictably and at scale. Define success metrics, track progress against the roadmap, and clearly communicate outcomes, tradeoffs, and risk reduction to executive leadership.
What you’ll need:
Experience: 7+ years of experience in Product/Application Security, with 3+ years in a Director or Senior Manager role, preferably with a background in software engineering.
Strategic Leadership: Proven track record of defining, driving, and scaling security engineering programs across large, distributed engineering organizations.
Technical Depth: Deep, hands-on experience securing cloud native platforms with a preference for Azure, including architecting the deployment and configuration of CSPM, SAST, and SCA platforms such as Wiz, Orca, and GitHub Advanced Security.
Program Management: Exceptional organizational and communication skills, with the ability to manage complex technical roadmaps, align stakeholders, and drive consensus across engineering, product, and leadership.
Metrics Driven: Experience managing security through data. You know how to define SLAs, track "burn down" rates, and present "Squad Health" metrics to engineering leaders.
Automation Focus: A passion for shifting security "left" and a track record of implementing security-as-code and automation to achieve security at scale.
AI Forward: Demonstrated experience in leveraging AI in the Software Development and Product Security lifecycle.
Why this role?
Lead the Transformation: You will lead the cultural and technical shift that transforms security into a force multiplier. By operationalizing the "Secure Paved Road" and shifting security left, you will enable ServiceTitan engineers to deliver high-quality products efficiently, ensuring that deviations are intentional and risk is managed strategically rather than reactively.
Measurable Impact: Your leadership and strategic automation work will be the primary driver in significantly reducing our critical vulnerability backlog, directly impacting our organizational risk posture.
Safeguarding the Customer: You will lead the team in high-value platform configuration and engineering that directly protects the livelihood of the Trades. Your work ensures that while our engineers focus on building features, our customers can focus on running their businesses, confident that the platform they rely on is secure.
Innovation: Join a team that is actively integrating AI into the security lifecycle, from automated remediation to autonomous threat modeling, and lead our efforts in this space.
Be Human With Us:
Being human isn’t about checking every box on a list. It’s about the experiences we have, people we meet, and the perspectives we share. So, if you have the skills but are hesitant to apply because of your background, apply anyway. We need amazing people like you to help us challenge the conventional and think differently about the problems that we’re solving. We’re in this together. Come be human, with us.
What We Offer:
When you join our team, you’re not just accepting a job. You’re making a career move. Here’s how we’ll support you in doing some of the most impactful work of your career:
Flextime, recognition, and support for autonomous work: Flexible time off with ample learning and development opportunities to continue growing your career. We offer a comprehensive onboarding program, leadership training for Titans at all levels, and other programs and events. Great work is rewarded through Bonusly, peer-nominated awards, and more.
Holistic health and wellness benefits: Company-paid medical, dental, and vision (with 100% employer paid options and 90% coverage for dependents), FSA and HSA, 401k match, and telehealth options including memberships to One Medical.
Support for Titans at all stages of life: Parental leave and support, up to $20k in fertility services (i.e. IUI and IVF), surrogacy, and adoption reimbursement, on demand maternity support through Maven Maternity, free breast milk shipping through Maven Milk, pet insurance, legal advisory services, financial planning tools, and more.
At ServiceTitan, we celebrate individuality and uniqueness. We believe that the convergence of fresh perspectives and experiences from all walks of life is what makes our product and culture so great. We strongly encourage people from underrepresented groups to apply. We do not discriminate against employees based on race, color, religion, sex, national origin, gender identity or expression, age, disability, pregnancy (including childbirth, breastfeeding, or related medical condition), genetic information, protected military or veteran status, sexual orientation, or any other characteristic protected by applicable federal, state or local laws.
ServiceTitan is committed to fair and equitable compensation for all of our employees. We thoughtfully consider a wide range of factors when determining individual compensation. The expected salary range for this role for candidates residing in the United States is between $221,400 USD - $296,100 USD. Compensation for candidates residing outside the United States will vary by location and the specific salary range will be discussed during the hiring process. Actual compensation for an individual may vary depending on skills, performance over time, qualifications, experience, and location. In addition to the base salary, the total compensation package also includes an annual bonus, equity and a holistic suite of benefits.

