Director, Product and Application Security

            Job Description – Director, Product and Application Security

Overview

SailPoint’s Cybersecurity organization is seeking a leader with a passion for cybersecurity and protecting the organization. The successful candidate will serve as our Director of Application and Product Security and lead our team of product security engineers who collaborate with our DevOps and Engineering teams on securing SailPoint’s products.  The Director of Product and Application Security will lead the strategic direction, development, and execution of secure-by-design principles across the product lifecycle for all of SailPoint’s software platforms, including SaaS, on-prem, and AI-based products. 

We’re seeking a leader with proven technical capabilities who also has experience leading people and teams and is accustomed to achieving objectives through the leadership of others. They’ll embrace the opportunity to work across diverse portfolio with a variety of resources and will play a key role as we continually improve our capabilities over time.  They’ll help shape our strategy and future in collaboration with the rest of the cyber leadership team and will work through all dimensions of cybersecurity – people, process, and technology – to achieve our objectives.

Our new Director of Application and Product Security will join an existing, capable team of both emerging and established talent.  They’ll have the opportunity to shape our future through process and technology optimization, capability acquisition and development, and maturation of our existing activities.  They’ll already be comfortable with the 4 I’s at SailPoint (individual, Impact, Innovation, and Integrity) even if they’re new to the concept.  They will embrace new challenges and will be a positive contributor to an already positive work culture and environment.

This is a challenging and impactful role where you will have the opportunity to work with both internal and external stakeholders, drive the continuous improvements of our security program, contribute meaningfully to the security of the global cyber ecosystem, and serve as an ambassador for SailPoint to our customers and the public. 

This role reports directly to the Deputy CISO and can be remote or based in Austin, TX.

Key Responsibilities

• Develop and lead the enterprise-wide product security and resilience strategy, aligning with business goals and regulatory requirements.
• Partner with Dev/Ops, engineering, product management, and infrastructure teams to integrate security into SDLC, DevSecOps, and CI/CD pipelines.
• Establish and oversee secure architecture patterns, threat modeling practices, and resilience engineering frameworks.
• Drive adoption of security automation, vulnerability management, and secure coding standards across product teams.
• Build and mentor a high-performing team of product security architects, engineers, and software security specialists.
• Monitor emerging threats, technologies, and compliance trends to proactively evolve the security posture.
• Collaborate with legal, compliance, and risk teams to ensure alignment with global standards and certifications.
• Define and track KPIs to measure program effectiveness and maturity.

Key Requirements

• 7+ years in leadership roles, preferably in product or application security.
• Certifications like CISSP, CISM, CISA, CEH, GCIH, GCIA, are beneficial.
• Experience with secure software development practices and tools.
• Experience and knowledge of artificial intelligence software security, including OWASP AI Security and Privacy Guide, NIST AI Risk Management Framework, Cybersecurity AI (CAI), Open SSF AI/ML Security Framework.
• Experience with regulatory frameworks (e.g., NIST, ISO 27001, GDPR).
• Strategic Vision & Execution - Ability to define and communicate a clear vision for product security and resilience aligned with enterprise goals.
• Influence & Collaboration – Demonstrable experience building strong partnerships across an organization to drive secure-by-design culture.
• Technical Leadership - Deep understanding of product security issues (like XXE, SSRF, Injections, etc.), modern software development (fully automated CI/CD, REST, OAuth2) including multi-cloud (AWS, Azure, GCP, Containers, Kubernetes) architectures, particularly Amazon Web Services, Kubernetes, and software bill of materials (SBOM).
• Manage entire lifecycle of security researcher findings, customer reported security questions, issues, incidents, associated CVE’s.
• Change Management – Experience leading organizational change initiatives to embed security and resilience into product development lifecycles.
• Experience building relationships with software engineering teams, including managing mature product security including final security reviews, and, risk-driven product scoring/metrics.
• Talent Development - Demonstrable experience building high-performing teams through coaching, mentoring, and career development.
• Risk-Based Decision Making – Experience making informed decisions through balancing business priorities, technical constraints, and risk exposure.
• Executive Communication – Experience communicating complex technical concepts and ongoing program updates clearly to non-technical stakeholders and executive leadership

Compensation and benefits

• Experience a Small-company Atmosphere with Big-company Benefits
• Competitive pay, 401(k) and comprehensive medical, dental and vision plans
• Recharge your batteries with a flexible vacation policy and paid holidays
• Grow with us with both technical and career growth opportunities
• Position can work in Austin, Texas, or remotely in the continental United States with limited travel to Austin
• Enjoy a healthy work-life balance with flexible hours, family-friendly company events and charitable work
• All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.

Benefits and Compensation listed vary based on the location of your employment and the nature of your employment with SailPoint.

As a part of the total compensation package, this role may be eligible for the SailPoint Corporate Bonus Plan or a role-specific commission, along with potential eligibility for equity participation. SailPoint maintains broad salary ranges for its roles to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect SailPoint’s differing products, industries, and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. We estimate the base salary, for US-based employees, will be in this range from (min-mid-max, USD):

Base salaries for employees based in other locations are competitive for the employee’s home location.

Benefits Overview

1. Health and wellness coverage: Medical, dental, and vision insurance

2. Disability coverage: Short-term and long-term disability

3. Life protection: Life insurance and Accidental Death & Dismemberment (AD&D)

4. Additional life coverage options: Supplemental life insurance for employees, spouses, and children

5. Flexible spending accounts for health care, and dependent care; limited purpose flexible spending account

6. Financial security: 401(k) Savings and Investment Plan with company matching

7. Time off benefits: Flexible vacation policy

8. Holidays: 8 paid holidays annually

9. Sick leave

10. Parental support: Paid parental leave

11. Employee Assistance Program (EAP) and Care Counselors

12. Voluntary benefits: Legal Assistance, Critical Illness, Accident, Hospital Indemnity and Pet Insurance options

13. Health Savings Account (HSA) with employer contribution

SailPoint is an equal opportunity employer and we welcome all qualified candidates to apply to join our team.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other category protected by applicable law.  

Alternative methods of applying for employment are available to individuals unable to submit an application through this site because of a disability. Contact [email protected] or mail to 11120 Four Points Dr, Suite 100, Austin, TX 78726, to discuss reasonable accommodations.  NOTE: Any unsolicited resumes sent by candidates or agencies to this email will not be considered for current openings at SailPoint.