Why This Job is Featured on The SaaS Jobs
Application Security leadership is becoming a core differentiator for SaaS companies that ship frequently and operate cloud native platforms. This role stands out because it treats AppSec as an engineering capability embedded across the SDLC, not a late stage gate, with explicit ownership of architecture, automation, and developer enablement. The remit also includes security design for AI powered features and agentic workflows, an increasingly common frontier as SaaS products add LLM driven functionality.
For a SaaS security career, the scope provides durable experience in building programs that scale with product surface area, teams, and release cadence. Owning secure design reviews, threat modeling, vulnerability management, bug bounty, and incident response ties together prevention, detection, and remediation in a way that maps closely to how modern SaaS platforms manage risk. The emphasis on reusable guardrails and workflow integration reflects the direction of high leverage security engineering.
This role fits a practitioner who wants to lead through technical credibility and cross functional influence, partnering closely with engineering, product, and platform groups. It is well aligned for someone ready to formalize strategy while still staying close to architecture and hands on mechanisms that improve security outcomes.
The section above is editorial commentary from The SaaS Jobs, provided to help SaaS professionals understand the role in a broader industry context.
Job Description
We’re looking for a visionary Application Security leader to architect and champion the future of secure engineering at Gong. You will spearhead our strategy for building resilient, AI-powered systems while enabling developers to innovate with velocity and confidence. Together, we will keep the up-market momentum and continuously improve security as a major part of our value proposition.
You’ll Own:
- The strategy, architecture, and execution of Application Security across Gong’s engineering organization.
- Leading the Application Security function within the Platform Security organization, reporting to the Director of Platform Security.
- The Secure SDLC program, including secure design reviews, threat modeling, and security automation.
- Security architecture for AI-powered features, agentic workflows, and data-driven systems.
- Application security risk management, vulnerability tracking, and remediation programs.
- Leading, mentoring, and growing a high-performing Application Security Engineering team.
- Gong’s Bug Bounty program.
- Incident response procedures that relate to the Platform.
- A Security Champions program across R&D.
You’ll Solve:
- Enabling developers to build secure products at scale by designing and operating security foundations embedded throughout the SDLC.
- Ensuring security is built into the design and delivery of all products while enabling rapid innovation and engineering velocity.
- Building security capabilities embedded directly into engineering workflows, including reusable frameworks, libraries, and guardrails.
- Partnering with Engineering, Product, Infrastructure, and AI Platform teams to ensure security design.
- Balancing security rigor with engineering velocity in a fast-paced environment.
You’ll Impact:
- Enabling developers to build secure products at scale.
- Driving a measurable reduction in application risk through engineering improvements.
- Establishing architectural guardrails for data protection, authorization, and runtime controls in AI systems.
- Influencing engineering decisions through deep technical collaboration and trust.
- Defining the security approach for AI-powered features and LLM integrations.
You are:
- A technical security leader who enjoys building systems and teams in equal measure.
- Passionate about enabling developers through platforms, automation, and secure-by-default design.
- Experienced in engineering management or technical leadership (3+ years) and Application Security, Product Security, or Platform Security (6+ years).
- Knowledgeable in cloud-native architectures, APIs, IAM, containers, software supply chain security, and programming (Python & Java).
- Experienced in securing AI applications, LLM integrations, or agent-based systems (highly desirable).
- A builder who believes security should accelerate engineering, not slow it down.
- Collaborative, pragmatic, and able to influence engineering leaders without formal authority.
What makes the Security department at Gong unique?
Here at Gong, we trust and empower our employees with ownership to solve complex problems, make the right decisions, and build the best products that create radical impact. We call it “Own. Solve. Impact.”
Our security team is at the forefront of a monumental shift in implementing processes. Instead of simply saying "no," we embrace the mindset of "let's explore how we can make it work." Our security team brings a wealth of backgrounds, experience, and wisdom to the table.
If you are curious to discover Gong's wonderful and challenging world, what are you waiting for? Don’t delay - fill in your application details. Who knows, maybe there’s a Gongster in you!
We encourage our employees to express their personality and identity (whether gender, ethnic, religious, or sexual), and we ensure fairness and equal opportunities. We follow a hybrid working model that combines working from home, on the go, or at the office. This allows us: flexibility, autonomy, positive work relationships, and effective work habits. If these considerations are important to you when choosing a workplace, we'd love to see you with us. To review Gong's privacy policy, visit www.gong.io/privacy-policy/ for more details.
#LI-TD1