Ready to be a Titan?
ServiceTitan is at a strategic inflection point. We are evolving our Product Security program from a reactive posture to a proactive, strategic engine. We are looking for an exceptional Senior Product Security Engineer to help us build a "Secure Paved Road"—an automated, self-service ecosystem that enables our 80+ R&D squads to build securely by default.
In this role, you will be the primary technical builder. You will configure the tools, write the guardrails, and implement the automation that allows us to scale security without slowing down development velocity.
What you’ll do:
1. Build the "Secure Paved Road" (Technical Implementation)
Secure-by-Default: collaborate with Platform Engineering to develop and maintain hardened Infrastructure as Code (IaC) modules and microservice templates that have security controls built-in from the start.
Pipeline Automation: Deeply integrate tooling (GHAS, Wiz, Terra) into the CI/CD pipeline to act as automated checkpoints, providing fast feedback to engineers without manual intervention.
Self-Service Configuration: Configure and tune our security platforms to minimize noise, ensuring developers only see high-fidelity, actionable findings.
2. Cloud Security & Democratization
Wiz for Developers: Lead the configuration of Wiz not just as a monitoring tool, but as a democratization platform. You will create custom views and workflows that allow engineering teams to self-service their own cloud security posture.
Automated Guardrails: Implement automated remediation workflows and guardrails that prevent cloud misconfigurations before they reach production.
3. Securing AI & Emerging Tech
AI Guardrails: Design and implement technical guardrails for AI Coding Agents and Model Context Protocols (MCP) to ensure safe adoption of AI in development.
AI-Driven Tooling: Help operationalize Clover Security AI to act as a "GPS" for developers, tuning the system to provide accurate, on-demand design advice.
4. Operational Support & Mentorship
Technical Mentorship: Act as the technical "Pit Crew" for the Security Champions Program. While leadership manages the program logistics, you will be the technical expert answering complex questions and guiding Champions on how to use the paved road.
Autonomous Testing: Onboard and configure Terra for continuous, autonomous penetration testing, ensuring the tool is effectively tailored for squad customizations.
Contextual Training: Assist in setting up "Just-in-Time" training campaigns in GitHub that trigger specific micro-trainings when engineers introduce vulnerabilities.
Triage to Automate: Own the initial triage of incoming vulnerability tickets and the legacy backlog. You will use this hands-on operational work to identify the "noise" and pattern-match recurring issues, directly informing which guardrails and automations you build next.
What you’ll bring:
Experience: 5+ years of experience in Product/Application Security, with a strong background in software engineering (C#/.NET preferred).
Cloud Native Skills: Strong hands-on experience securing cloud platforms (Azure preferred) and configuring CNAPP tools like Wiz or Orca for distributed engineering teams.
Automation Mindset: Proven ability to script (Python, Go, PowerShell) and automate security tasks. You prefer building a tool to solve a problem over fixing it manually
Modern AppSec: Experience moving security "left" using tools like GitHub Advanced Security (GHAS).
AI Forward: Interest in the intersection of AI and Security, specifically in securing AI workloads or using AI agents for defense.
Collaborative Spirit: You are comfortable working directly with developers, acting as a partner and enabler rather than a blocker.
Operational Grit: You are willing to roll up your sleeves and clear the queue when necessary. You view every manual ticket not just as a task to finish, but as a "bug in the process" that needs to be automated away.
Why this role?
From Queue to Code: You won't be stuck in a queue of tickets forever. You are being hired to kill the queue. You will have the autonomy to take our volume of support tickets and architect the solution that makes them disappear..
Measurable Impact: Your automation work will be the primary driver in significantly reducing our critical vulnerability backlog, directly impacting our organizational risk posture.
High-Leverage Work: You will focus on high-value configuration and engineering. By tuning Wiz and Terra effectively, you will empower hundreds of engineers to be secure by default.
Innovation: Join a team that is actively integrating AI into the security lifecycle, from automated remediation to autonomous threat modeling.
Being human isn’t about checking every box on a list. It’s about the experiences we have, people we meet, and the perspectives we share. So, if you have the skills but are hesitant to apply because of your background, apply anyway. We need amazing people like you to help us challenge the conventional and think differently about the problems that we’re solving. We’re in this together. Come be human, with us.
What We Offer:
When you join our team, you’re not just accepting a job. You’re making a career move. Here’s how we’ll support you in doing some of the most impactful work of your career:
Flextime, recognition, and support for autonomous work: Flexible time off with ample learning and development opportunities to continue growing your career. We offer a comprehensive onboarding program, leadership training for Titans at all levels, and other programs and events. Great work is rewarded through Bonusly, peer-nominated awards, and more.
Holistic health and wellness benefits: Company-paid medical, dental, and vision (available to employees and their dependents day 1), parent and siblings’ insurance, wellness benefit, office massage, etc.
Support for Titans at all stages of life: Parental leave and support, financial planning tools, Employee Assistance Program services, and more.
At ServiceTitan, we celebrate individuality and uniqueness. We believe that the convergence of fresh perspectives and experiences from all walks of life is what makes our product and culture so great. We strongly encourage people from underrepresented groups to apply. We do not discriminate against employees based on race, color, religion, sex, national origin, gender identity or expression, age, disability, pregnancy (including childbirth, breastfeeding, or related medical condition), genetic information, protected military or veteran status, sexual orientation, or any other characteristic protected by applicable federal, state or local laws.