Job DescriptionJob DescriptionZendesk is hiring a Senior Staff-level technical leader to own detection, mitigation, and governance of abuse stemming from AI agents across Zendesk's products and customer integrations. You will combine hands-on offensive and defensive skills with product sensibility to design secure agent architectures, and champion company-wide and engineering changes to prevent AI agent-enabled abuse.
Key responsibilities- Threat strategy & modeling
- Lead threat modeling for AI agent features, integrations, and APIs (prompt injection, jailbreaks, data leakage, automated workflow abuse).
- Maintain an evolving attacker playbook specific to AI agents.
- Technical leadership & engineering collaboration
- Design and prototype mitigation controls (e.g., input/output sanitization, provenance tracing, policy gates, token/session lifetimes, capability scoping, sandboxing).
- Work with Platform, Product, and SDK teams to bake secure defaults into agent SDKs, apps, and API flows.
- Detection & prevention
- Build anomaly detection rules, telemetry, and behavioral analytics to surface anomalous agent activity and abuse patterns.
- Partner with security teams to instrument key signals and automate high-confidence containment actions.
- Incident response & forensics
- Act as a subject-matter expert for investigations involving AI agents; define containment, eradication, and customer communications playbooks.
- Stakeholder engagement & external representation
- Collaborate with Legal/Privacy for compliance, Product for roadmap trade-offs, and Customer Success for mitigation support.
- Represent Zendesk in industry forums on agent safety/security and contribute to standards/best practices where appropriate.
Required qualifications- 10+ years of professional experience in cybersecurity, software engineering, or ML security with demonstrable hands-on experience.
- Deep understanding of application/API security, OAuth/token lifecycle, session management, and modern auth patterns.
- Practical experience with LLMs/agents: understanding of prompt engineering risks, injection attacks, and mitigation approaches for model-based systems.
- Strong track record leading cross-functional technical initiatives and influencing product decisions.
- Excellent communication skills - can translate technical risk into product, legal, and business terms.
- Experience at a SaaS company with a customer support platform.
Preferred qualifications- Experience with incident response and forensic investigations involving data exfiltration or API abuse.
- Prior role building agent safety, trust & safety, or ML security programs.
- Background in privacy, compliance frameworks (SOC2, GDPR), or experience working with Legal/Compliance.
- Advanced degree in CS, Security, or related field and/or relevant certifications (OSCP, CISSP, etc.).
The US annualized base salary range for this position is $240,000.00-$360,000.00. This position may also be eligible for bonus, benefits, or related incentives. While this range reflects the minimum and maximum value for new hire salaries for the position across all US locations, the offer for the successful candidate for this position will be based on job related capabilities, applicable experience, and other factors such as work location. Please note that the compensation details listed in US role postings reflect the base salary only (or OTE for commissions based roles), and do not include bonus, benefits, or related incentives.
