Director, Product Management - Platform Security

About The Position

Requirements

• 8+ years of product management experience, at least 4+ years focused on platform security, identity, API security, or related security products in a SaaS and recently in the modern AI environment.
• Deep working knowledge of modern security protocols and standards (FAPI 2.0, OAuth2/OpenID Connect, fine‑grained scopes, mTLS), strong understanding of modern cryptographic controls and PKI.
• Practical experience designing Zero Trust architectures, MCP and A2A authentication flows, API gateway protection, and secure agenting/tooling patterns for Agentic AI.
• Proven experience building or shipping ML/AI‑driven security detection/response capabilities (threat detection, anomaly detection, behavioral analytics).
• Demonstrated ability to translate complex security requirements into product requirements, run threat models, and deliver production features with engineering and security teams.
• Excellent stakeholder management and communication skills — experience aligning senior security execs and cross‑functional teams to deliver against tight timelines.
• Comfortable in a fast‑moving SaaS & AI environment and motivated to deliver enterprise‑grade solutions at scale.
• 8+ years product management experience with 4+ years focused on platform or product security, identity, or API security (or equivalent experience).
• Experience delivering enterprise security capabilities and working with security engineering and trust orgs to achieve production deployments.
• Bachelor’s degree in Computer Science, Engineering, or equivalent practical experience.

Nice To Haves

• Direct experience implementing or productizing FAPI 2.0, mTLS, fine‑grained OAuth scopes, PKI/key management, or similar high‑assurance standards in production.
• Ability to read and interpret API documentation, sequence diagrams, and architectural schemas. You should be comfortable discussing the nuances of a JWT vs. an OAuth token with a Senior Principal Engineer.
• Hands‑on with Zero Trust implementations and secure MCP and A2A patterns for microservices and agentic tools.
• Track record building ML‑driven detection, telemetry, SIEM, or incident response workflows.
• Experience working at companies building platform APIs used by third‑party agents or toolchains, and familiarity with the security implications of exposing agentic/automated actions to external tooling.
• Experience performing (or leading) threat modeling sessions (STRIDE/PASTA) for complex distributed systems.
• Prior experience working with security/compliance frameworks (SOC 2, ISO 27001, FedRAMP) and supporting audits is a plus.

Responsibilities

• Own the product strategy and roadmap for Product Security across Zendesk Platform and the extended ecosystem, prioritizing features that enable safe AI agentic actions and enterprise adoption.
• Draft detailed technical PRDs for complex security primitives, including FAPI 2.0 implementation, mTLS handshakes, and PKI lifecycles. You won't just 'oversee' these specs; you will be the primary author of the security product logic.
• Lead product design and delivery for ML/AI‑powered security detection, runtime anomaly detection, threat telemetry, and integrations with SIEM/EDR/observability stacks.
• Define the security boundary for AI Agents. You will determine how we safely delegate authority to automated agents through fine-grained scopes, ensuring that 'Agentic' doesn't mean 'Uncontrolled'.
• Partner with the Chief Trust & Security Officer’s organization, Security Engineering, Privacy, Legal, and platform engineering to run threat modeling, security reviews, and ensure compliance and auditability for new capabilities.
• Launch enterprise‑grade controls and monitoring: robust authentication/authorization, fine‑grained RBAC/ABAC, audit trails, telemetry, incident playbooks, and customer configuration/visibility.
• Drive stakeholder alignment and product adoption: work with GTM (sales, technical docs, solutions, customer success) to create messaging, technical enablement, and customer pilots for security features.
• Measure success: define KPIs (security incidents, MTTR, adoption of controls, compliance posture) and iterate quickly to meet enterprise requirements.
• Guide other product talent; ensure high‑quality delivery with rapid cadence while balancing security rigor and developer experience.