ServiceTitan is a company focused on transforming security into a force multiplier in product development. The Director, Product Security Engineering, will define and enforce secure development practices, manage a team of engineers, and drive cross-functional adoption of security principles to ensure high-quality product delivery while minimizing risks.
Responsibilities:
- Define the long-term vision and technical strategy for the secure development pipeline, ensuring alignment with the overall R&D and business objectives
- Oversee the unified strategy for our tooling ecosystem (GHAS, Wiz, Terra). You will ensure these tools act as automated checkpoints, providing fast, high-fidelity feedback loops for engineers
- Transform our vulnerability management from a 'ticket queue' into a risk-based model. You will own the 'Risk Acceptance' and 'SLA Adherence' processes, ensuring timely focus on what matters
- Act as the strategic owner for the Security Champions Program. You will design the program structure, incentives, and operational logistics to democratize secure development across 80+ squads
- Oversee the strategy for contextual training campaigns. You will move us away from annual compliance videos to contextually relevant micro-trainings enabling our engineers to develop highly secure solutions
- Build and sustain deep, trust-based partnerships with Engineering leaders and individual contributors to embed security into the software development lifecycle without creating friction or bottlenecks. You will operate as a force multiplier, enabling engineers to own security outcomes while providing clear structure, prioritization, and support
- Operationalize tools and ticketing pipelines to generate and maintain 'Squad Health' scores. You will use data to drive accountability
- Define and track key performance indicators (SAST/SCA remediation rates, Cloud Security Posture scores, Time-to-Fix) to measure the effectiveness of the 'Secure Paved Road' and report risk reduction to executive leadership
- Translate the Product Security vision into an actionable, multi-year strategy and operating plan. You will continuously assess emerging risks, platform maturity, and engineering needs to evolve the secure paved road strategy over time, ensuring it remains aligned with business growth, technology shifts, and threat landscape changes
- Lead, mentor, and grow a team of high-performing Product Security Engineers, fostering a culture of ownership, accountability, and automation. You will develop leaders within the team and ensure clear ownership across AppSec and CloudSec domains
- Own the end-to-end operational model for product security work, including intake, prioritization, and execution. You will use data from vulnerability pipelines and incidents to identify systemic gaps and drive strategic investments that reduce recurring risk and manual effort
- Ensure strategic initiatives are delivered predictably and at scale. Define success metrics, track progress against the roadmap, and clearly communicate outcomes, tradeoffs, and risk reduction to executive leadership
Requirements:
- 7+ years of experience in Product/Application Security, with 3+ years in a Director or Senior Manager role, preferably with a background in software engineering
- Proven track record of defining, driving, and scaling security engineering programs across large, distributed engineering organizations
- Deep, hands-on experience securing cloud-native platforms, with a preference for Azure, including architecting the deployment and configuration of CSPM, SAST, and SCA platforms such as Wiz, Orca, and GitHub Advanced Security
- Exceptional organizational and communication skills, with the ability to manage complex technical roadmaps, align stakeholders, and drive consensus across engineering, product, and leadership
- Experience managing security through data. You know how to define SLAs, track 'burn down' rates, and present 'Squad Health' metrics to engineering leaders
- A passion for shifting security 'left' and a track record of implementing security-as-code and automation to achieve security at scale
- Demonstrated experience in leveraging AI in the Software Development and Product Security lifecycle