Senior Director, Product Security

Job DescriptionAbout the roleZendesk is building the future of AI-powered customer and employee service. Our products help organizations resolve customer issues across channels, automate complex workflows, and protect sensitive customer and end-user data at global scale. Security is foundational to that trust.We are looking for a Senior Director of Product Security to define and lead the next chapter of product security at Zendesk. This is a senior leadership role for someone who can set a compelling long-term vision, build and scale strong teams, influence product and engineering strategy, and still go deep technically when the situation requires it.You should be comfortable moving from executive-level risk and product strategy to detailed technical discussions about authorization models, API security, AI agent threat models, secure SDLC controls, vulnerability management, and incident root cause analysis. You will help make security a native property of Zendesk’s products rather than a late-stage review or compliance checkpoint.What you’ll doSet the Product Security Vision and Operating Model Define and drive Zendesk’s product security strategy across our products, AI capabilities, platform services, APIs, integrations, and developer ecosystem. Build a roadmap that reduces customer-impacting risk, improves engineering velocity, and establishes clear outcomes, metrics, and accountability. Partner with leaders across Product, Engineering, AI, Infrastructure, Privacy, Legal, and GRC to align security priorities with business strategy and customer trust.Lead with Technical Credibility Serve as a senior technical authority on product security for SaaS, cloud-native, and AI-enabled systems. Engage directly in high-risk architecture reviews, threat modeling, vulnerability analysis, and incident remediation decisions, helping teams make pragmatic trade-offs across identity, authorization, API security, encryption, tenant isolation, and secure design.Build Secure-by-Design Systems Shift product security from reactive review to secure-by-design engineering by driving reusable patterns, paved roads, automation, platform controls, and developer self-service. Strengthen secure SDLC practices and improve security tooling coverage across code, dependencies, APIs, infrastructure as code, and CI/CD pipelines.Secure AI and Agentic Product Surfaces Partner with AI and product engineering teams to identify and mitigate risks in AI agents, copilots, LLM integrations, retrieval systems, and autonomous workflows. Define secure design principles for authorization, action scoping, auditability, human oversight, data minimization, model/provider boundaries, and abuse prevention.Own Product Vulnerability Management and Response Own the full lifecycle of product vulnerability management and security response, from discovery and prioritization through remediation, validation, customer-impact assessment, and durable prevention. Leverage automation and AI-assisted analysis to identify, triage, and remediate vulnerabilities across Zendesk codebases, while partnering on bug bounty reports, customer-reported issues, external penetration testing, and product security incidents.Build and Develop a High-Performing Team Lead, mentor, and grow a global high-performing Product Security team, including managers and senior technical ICs, with the technical depth, strategic judgment, and cross-functional influence needed to support Zendesk at scale. Build a rigorous, pragmatic, inclusive culture that is trusted by Engineering and helps accelerate secure product delivery.Communicate Risk Clearly Translate complex technical risks into clear business, customer, and engineering trade-offs. Provide crisp metrics, trends, and recommendations to executive leadership, and support customer trust conversations, security reviews, RFPs, and enterprise escalations with credible product security expertise.What you bring to the role12+ years of experience across product security, application security, software engineering, security architecture, cloud security, offensive security, or related technical security roles, including 7+ years leading high-performing security or engineering teams.Deep experience securing large-scale, cloud-native, enterprise, or AI-enabled products that handle sensitive customer data, operate in multi-tenant environments, and carry high customer trust expectations.Strong product engineering credibility, with the ability to partner effectively with Engineering and Product teams and embed security into how software is designed, built, tested, deployed, and operated.Hands-on technical depth across areas such as web and API security, authentication and authorization, identity systems, tenant isolation, cloud and container security, CI/CD, software supply chain security, secrets management, vulnerability management, secure SDLC, and incident response.Demonstrated ability to lead or meaningfully contribute to threat models, architecture revie