Director, Product Security Engineering

** Director, Engineering Product Security
** At SailPoint, we are at the forefront of transforming enterprise identity governance. With our next-generation Atlas Platform, we are creating the industry's most advanced, AI-powered identity security platform. Our mission is clear: unify and simplify identity management across humans, machines, and AI agents, just as CMDB revolutionized IT asset management.

Atlas is a productized, externally facing platform built for customers, not just internal users. We're integrating multiple product offerings into an internally and externally extensible platform and we need someone who understands what it means to embed security into the DNA of the product lifecycle.

We are seeking a
** Director of Engineering Product Security
** to lead a product and developer-focused security program. This role will enable our product managers and engineering teams to build secure-by-default services from the design phase. The ideal candidate will collaborate with Product, GTM, and customers to anticipate and address evolving product security expectations. This is an opportunity to help build the most secure and extensible identity platform available.
** Why This Role Matters
** Security isn't a gate at the end of the development process—it's the foundation everything else is built on. As SailPoint evolves into a unified platform company, we need a security leader who thinks like a developer, partners like a product owner, and can help architect security that scales to meet the identity security needs of the world’s largest organizations.

You won't be chasing compliance check boxes. You'll be empowering engineering teams with the tools, patterns, and guardrails they need to ship secure code fast. You'll shape how security integrates into our SDLC, our APIs, our extensibility model, and our partner ecosystem.
** You will
*** Lead and grow a high-performing Engineering Product Security team focused on enabling secure development at scale
* Champion a left-shifted security model that puts secure tooling and patterns directly in developers' hands
* Partner deeply with our platform teams to embed security into CI/CD pipelines, architecture patterns, and developer workflows
* Define the security standards and practices that will govern our extensible platform, internal services, external APIs, and partner integrations
* Serve as a security advocate and trusted advisor across Product, Engineering, Cyber Security, and Field teams
** What You'll Own**
* ** Developer Security

Experience:

** Strategic ownership of security tooling, automation, and self-service capabilities that make secure development the path of least resistance. You will set the direction and lead your team in delivering:  + A comprehensive application security tooling strategy encompassing SAST/SCA, DAST, and IAST  + Organizational policies and secure guardrails for AI-assisted development tools (Cursor, Git Hub Copilot, etc.) to ensure AI-generated code meets our security standards  + Automated scanning and validation workflows that catch vulnerabilities in AI-generated code before it reaches production, with your team owning the design, implementation, and continuous improvement of these capabilities
* ** Product Security Architecture:
** Establishment of the strategic framework for threat modeling, secure design patterns, and architecture reviews across our unified platform, including services consumed by customers, partners, and internal teams. You will define the standards, build the review processes, and ensure your team has the capacity and expertise to support the organization at scale.
* ** Security Integration:
** Executive ownership of the partnership with our platform engineering teams to define and drive how security practices are embedded into SailPoint's SDLC and CI/CD pipelines, including AI coding security practices. You will set the integration strategy and ensure your team delivers on it in close collaboration with engineering leadership.
* ** Product Security Program Management:
** Leadership and continuous optimization of programs that measurably reduce vulnerability turnaround time by catching issues before they…