Senior Director - SaaS, Cloud & Product Security

Pilot Thomas LogisticsBoston, MA
8h$200,000 - $250,000

About The Position

Our world is transforming, and PTC is leading the way. Our software brings the physical and digital worlds together, enabling companies to improve operations, create better products, and empower people in all aspects of their business. Our people make all the difference in our success. Today, we are a global team of nearly 7,000 and our main objective is to create opportunities for our team members to explore, learn, and grow – all while seeing their ideas come to life and celebrating the differences that make us who we are and the work we do possible. The Senior Director, SaaS, Cloud & Product Security is a senior security leader responsible for defining and executing the product security strategy across our SaaS platforms, cloud infrastructure, and customer-facing software products. The role partners closely with Engineering, Product Management, SRE/Platform, and GRC/Compliance to embed security into architecture, design, development, deployment, and runtime operations—driving measurable risk reduction while enabling product velocity. This leader builds and scales a high-performing organization that serves as trusted security advisors to product and platform teams, influencing roadmaps and ensuring accountability for remediation of material risks.

Requirements

  • AI-first approach to securing securing SaaS and cloud-native architectures (multi-tenancy, microservices, containers/Kubernetes, service meshes, CI/CD, infrastructure-as-code).
  • Strong application & product security fundamentals (secure design, threat modeling, secure coding patterns, API security, authn/authz, cryptography, secrets management).
  • Fluency with secure development frameworks and maturity models (e.g., NIST SSDF practice groups and outcomes; metrics-driven improvement).
  • Strong stakeholder influence at senior levels—able to navigate ambiguity and drive alignment across Product, Engineering, Platform/SRE, and Compliance.
  • 10+ years in security engineering and/or product security, with significant experience in cloud and SaaS environments.
  • 5+ years leading managers and/or multiple teams, scaling security programs across multiple products or business units.
  • Demonstrated success embedding security into engineering workflows (agile/DevOps) and improving release quality through automated testing and standard gates.
  • Track record partnering with engineering leadership to influence architecture/roadmaps and drive remediation accountability.
  • Experience supporting customer assurance and compliance obligations tied to secure development expectations (SSDF-aligned language helpful).
  • Bachelor’s degree in Computer Science, Engineering, or equivalent practical experience.
  • Proven people leadership experience building and scaling security teams.

Responsibilities

  • Set strategy & operating model: Define and execute a multi-year product/security strategy and roadmap across AI, SaaS, cloud, and product lines; establish a durable operating rhythm.
  • Lead the function: Operate, scale, and lead a product security organization (e.g., security architects, product security engineers, security champions enablement, AppSec tooling/program roles), including hiring, coaching, and performance management
  • Embed security into the SDLC/DevSecOps: Ensure security is integrated into agile delivery through developer security training, design/architecture reviews, threat modeling, security user stories, automated security testing, penetration testing, and audit readiness.
  • Architecture & design influence: Serve as a senior security advisor to engineering leadership; drive secure-by-design decisions for multi-tenant SaaS, APIs, identity, encryption, secrets, logging/monitoring, and tenant isolation.
  • Secure SDLC governance & standards: Own or co-own secure development policies/standards, release security criteria, and “definition of done” expectations (e.g., required SAST/DAST/SCA gates; pre-release validation).
  • Supply chain & third-party security: Define requirements for OSS and third-party components, including provenance, vulnerability monitoring, and secure acquisition/maintenance practices.
  • Metrics & continuous improvement: Establish measurable outcomes and reporting frameworks to track program effectiveness (risk reduction, coverage, remediation speed, escaped defects, incident trends) and guide investment decisions.
  • Cross-functional partnership: Partner with product engineering groups as trusted security counterparts across architecture, design, deployment, and runtime operations; influence backlogs and roadmaps without slowing delivery.
  • Customer & regulatory assurance: Support customer security reviews, attestations, and compliance-driven requirements by translating expectations into practical engineering controls and evidence.

Benefits

  • Employees also have the opportunity to become a PTC shareholder through our employee share purchase program (ESPP), which allows for the purchase of discounted PTC stock.
  • Employees may be eligible for medical, dental and vision insurance, paid time off and sick leave, tuition reimbursement, 401(k) contributions and employer match, flexible spending accounts, life insurance, disability coverage and, if you are an office-assigned employee, a generous commuter subsidy.
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service