Senior Director - SaaS, Cloud & Product Security

Our world is transforming, and PTC is leading the way. Our software brings the physical and digital worlds together, enabling companies to improve operations, create better products, and empower people in all aspects of their business.

Our people make all the difference in our success. Today, we are a global team of nearly 7,000 and our main objective is to create opportunities for our team members to explore, learn, and grow – all while seeing their ideas come to life and celebrating the differences that make us who we are and the work we do possible.

The Senior Director, SaaS, Cloud & Product Security is a senior security leader responsible for defining and executing the product security strategy across our SaaS platforms, cloud infrastructure, and customer-facing software products. The role partners closely with Engineering, Product Management, SRE/Platform, and GRC/Compliance to embed security into architecture, design, development, deployment, and runtime operations—driving measurable risk reduction while enabling product velocity. This leader builds and scales a high-performing organization that serves as trusted security advisors to product and platform teams, influencing roadmaps and ensuring accountability for remediation of material risks.

Responsibilities

• Set strategy & operating model: Define and execute a multi-year product/security strategy and roadmap across AI, SaaS, cloud, and product lines; establish a durable operating rhythm.
• Lead the function: Operate, scale, and lead a product security organization (e.g., security architects, product security engineers, security champions enablement, AppSec tooling/program roles), including hiring, coaching, and performance management
• Embed security into the SDLC/DevSecOps: Ensure security is integrated into agile delivery through developer security training, design/architecture reviews, threat modeling, security user stories, automated security testing, penetration testing, and audit readiness.
• Architecture & design influence: Serve as a senior security advisor to engineering leadership; drive secure-by-design decisions for multi-tenant SaaS, APIs, identity, encryption, secrets, logging/monitoring, and tenant isolation.
• Secure SDLC governance & standards: Own or co-own secure development policies/standards, release security criteria, and “definition of done” expectations (e.g., required SAST/DAST/SCA gates; pre-release validation).
• Supply chain & third-party security: Define requirements for OSS and third-party components, including provenance, vulnerability monitoring, and secure acquisition/maintenance practices.
• Metrics & continuous improvement: Establish measurable outcomes and reporting frameworks to track program effectiveness (risk reduction, coverage, remediation speed, escaped defects, incident trends) and guide investment decisions.
• Cross-functional partnership: Partner with product engineering groups as trusted security counterparts across architecture, design, deployment, and runtime operations; influence backlogs and roadmaps without slowing delivery.
• Customer & regulatory assurance: Support customer security reviews, attestations, and compliance-driven requirements by translating expectations into practical engineering controls and evidence.

Skills and Knowledge

• AI-first approach to securing securing SaaS and cloud-native architectures (multi-tenancy, microservices, containers/Kubernetes, service meshes, CI/CD, infrastructure-as-code).
• Strong application & product security fundamentals (secure design, threat modeling, secure coding patterns, API security, authn/authz, cryptography, secrets management).
• Fluency with secure development frameworks and maturity models (e.g., NIST SSDF practice groups and outcomes; metrics-driven improvement).
• Strong stakeholder influence at senior levels—able to navigate ambiguity and drive alignment across Product, Engineering, Platform/SRE, and Compliance.

Experience

• 10+ years in security engineering and/or product security, with significant experience in cloud and SaaS environments.
• 5+ years leading managers and/or multiple teams, scaling security programs across multiple products or business units.
• Demonstrated success embedding security into engineering workflows (agile/DevOps) and improving release quality through automated testing and standard gates.
• Track record partnering with engineering leadership to influence architecture/roadmaps and drive remediation accountability.
• Experience supporting customer assurance and compliance obligations tied to secure development expectations (SSDF-aligned language helpful).

Minimum Qualifications

• Bachelor’s degree in Computer Science, Engineering, or equivalent practical experience.
• Proven people leadership experience building and scaling security teams.

PTC carefully considers a wide variety of factors when determining compensation. The anticipated annual salary range for this position is between $200,000-250,000. The salary range reflects a good-faith estimate of compensation at the time of posting. Actual compensation may vary based on a candidate's skills, qualifications, experience, and location. Additionally, candidates may be eligible for a performance-based bonus. Employees also have the opportunity to become a PTC shareholder through our employee share purchase program (ESPP), which allows for the purchase of discounted PTC stock. Certain roles may also be eligible for participation in our equity programs. Employees may be eligible for medical, dental and vision insurance, paid time off and sick leave, tuition reimbursement, 401(k) contributions and employer match, flexible spending accounts, life insurance, disability coverage and, if you are an office-assigned employee, a generous commuter subsidy. All total rewards and benefits programs are subject to applicable plan eligibility and other terms and conditions.

For more information about PTC’s comprehensive benefits, please visit our Careers Page.

PTC recruits on a rolling basis. Candidates are considered as they apply, until the opportunity is filled.

At PTC, we believe in the power of diverse ideas and perspectives. As a global company that values and respects all identities, cultures, and perspectives, we strive to create an inclusive PTC for ALL through an environment where everyone feels like they belong and are empowered to bring their true, authentic selves to work. Proud to be an Equal Opportunity Employer, we welcome applicants from all backgrounds and hire without regard to race, national origin, religion, age, color, ethnicity, ancestry, marital status, sex (including pregnancy), sexual orientation, gender identity, gender expression, genetic information, disability, veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

PTC endeavors to make ptc.com/careers accessible to all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact PTC's Talent Acquisition team at [email protected]. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.

Life at PTC is about more than working with today’s most cutting-edge technologies to transform the physical world. It’s about showing up as you are and working alongside some of today’s most talented industry leaders to transform the world around you.

If you share our passion for problem-solving through innovation, you’ll likely become just as passionate about the PTC experience as we are. Are you ready to explore your next career move with us?

We respect the privacy rights of individuals and are committed to handling Personal Information responsibly and in accordance with all applicable privacy and data protection laws. ."