Director, Securtity Engineering

The OpportunityWe are seeking a visionary Director of Security Engineering to lead our global Application and Cloud Security programs. This is a high-impact leadership role responsible for securingOur next-generation Agentic AI platforms and our "Zero Data" enterprise ecosystem. As we shifts from conversational AI to autonomous agents that execute multi-step business processes, the security challenge evolves from protecting data to protecting intent, execution, and identity. You will lead a world-class team of engineers distributed across the USA and India, deeply integrated with our core engineering hub in HQ to ensure security is a business accelerator, not a bottleneck.What You Will Do (Key Responsibilities) Set the global multi-year roadmap for Product and Cloud Security, specifically tailored to protect autonomous agent workflows, Model Context Protocols (MCP), and RAG pipelines. Design and implement runtime guardrails to prevent prompt injection, goal hijacking, and unauthorized tool-calling by autonomous agents. Oversee the security architecture for agent sandboxing and isolated execution to ensure untrusted code/tool outputs cannot compromise the host. Evolve standard VAPT into a continuous Adversarial Red Teaming program focused on LLM vulnerabilities, training data poisoning, and membership inference attacks. Drive security standards across AWS, GCP, and Azure, with a focus on enforcing "Zero Data" principles—ensuring sensitive customer data is never cached or logged within the AI cloud. Architect robust workload identity and "Agent Identity" federation to ensure agents operate with the least-privilege necessary to fulfill their specific tasks across multi-cloud environments. Enforce Infrastructure as Code (IaC) security and Cloud Security Posture Management (CSPM) to maintain a consistent security posture across global regions (North America, APJ, EMEA). Lead and scale high-performing teams in the USA and India. Bridge the gap between Palo Alto’s rapid research cycles and India’s engineering scale, ensuring 24/7 security coverage. Build and maintain an automated security "paved road," providing developers with self-service tools for SAST/DAST, SCA, and automated threat modeling that integrates seamlessly with CI/CD. Operationalize a Unified Control Framework (SOC 2, ISO 27001, ISO 42001, and the EU AI Act) into automated checks, moving away from manual audits toward continuous compliance.Required Qualifications 12+ yearsin security engineering, with 5+ years leading global teams (experience managing USA and India-based teams is highly preferred). Deep technical understanding of the OWASP Top 10 for LLMs and the unique risks of Agentic AI (e.g., insecure output handling, indirect prompt injection). Proven track record of securing distributed Python, Go, and Node.js environments at enterprise scale. Expert-level knowledge of Kubernetes (EKS/GKE/AKS), serverless security, and cross-cloud identity management. Ability to code or deeply review automation scripts (Python, Terraform, etc.) to ensure security is integrated into the developer workflow. Exceptional ability to translate "Agentic Risk" or “Technical Topics” into business impact for the executive leadership team. Proven ability to manage distributed teams and "penetrate" high-velocity engineering cultures to build lasting security partnerships.Preferred Qualifications Demonstrated contributions to the security community are a plus. Advanced Certifications such as CISSP, CCSP, or specialized AWS/GCP Security certifications. Experience implementing the NIST AI Risk Management Framework or ISO 42001 in a production environment. Experienced with risk-based prioritization methodologies such as the Security Prioritization Framework (SPF) to align security remediation with business velocity.

Apply Now