ServiceTitan is a company focused on transforming the trades industry through technology, and they are seeking a Director of Product Security Engineering to lead their security initiatives. This role involves defining and implementing a secure development pipeline, managing a team, and ensuring the integration of security practices across engineering teams.
Responsibilities:
- Define the long-term vision and technical strategy for the secure development pipeline, ensuring alignment with the overall R&D and business objectives
- Oversee the unified strategy for our tooling ecosystem (GHAS, Wiz, Terra). You will ensure these tools act as automated checkpoints, providing fast, high-fidelity feedback loops for engineers
- Transform our vulnerability management from a "ticket queue" into a risk-based model
- Own the "Risk Acceptance" and "SLA Adherence" processes, ensuring timely focus on what matters
- Act as the strategic owner for the Security Champions Program
- Design the program structure, incentives, and operational logistics to democratize secure development across 80+ squads
- Oversee the strategy for contextual training campaigns
- Move us away from annual compliance videos to contextually relevant micro-trainings enabling our engineers to develop highly secure solutions
- Build and sustain deep, trust-based partnerships with Engineering leaders and individual contributors to embed security into the software development lifecycle without creating friction or bottlenecks
- Operationalize tools and ticketing pipelines to generate and maintain "Squad Health" scores
- Define and track key performance indicators (SAST/SCA remediation rates, Cloud Security Posture scores, Time-to-Fix) to measure the effectiveness of the "Secure Paved Road" and report risk reduction to executive leadership
- Translate the Product Security vision into an actionable, multi-year strategy and operating plan
- Continuously assess emerging risks, platform maturity, and engineering needs to evolve the secure paved road strategy over time, ensuring it remains aligned with business growth, technology shifts, and threat landscape changes
- Lead, mentor, and grow a team of high-performing Product Security Engineers, fostering a culture of ownership, accountability, and automation
- Own the end-to-end operational model for product security work, including intake, prioritization, and execution
- Use data from vulnerability pipelines and incidents to identify systemic gaps and drive strategic investments that reduce recurring risk and manual effort
- Ensure strategic initiatives are delivered predictably and at scale
- Define success metrics, track progress against the roadmap, and clearly communicate outcomes, tradeoffs, and risk reduction to executive leadership
Requirements:
- 7+ years of experience in Product/Application Security, with 3+ years in a Director or Senior Manager role, preferably with a background in software engineering
- Proven track record of defining, driving, and scaling security engineering programs across large, distributed engineering organizations
- Deep, hands-on experience securing cloud-native platforms with a preference for Azure, including architecting the deployment and configuration of CSPM, SAST, and SCA platforms such as Wiz, Orca, and GitHub Advanced Security
- Exceptional organizational and communication skills, with the ability to manage complex technical roadmaps, align stakeholders, and drive consensus across engineering, product, and leadership
- Experience managing security through data. You know how to define SLAs, track 'burn down' rates, and present 'Squad Health' metrics to engineering leaders
- A passion for shifting security 'left' and a track record of implementing security-as-code and automation to achieve security at scale
- Demonstrated experience in leveraging AI in the Software Development and Product Security lifecycle