Director, Product Management Agentforce Trust & Guardrails

Salesforce Salesforce · Enterprise · San Francisco, CA +1

Director of Product Management for Salesforce's Agentforce platform, focusing on trust and guardrails for AI agents operating in production, especially for regulated and security-sensitive customers. The role involves defining product strategy for agentic AI safety, enterprise security, runtime policy enforcement, and customer-configurable controls across various modalities (text, voice, image). Responsibilities include driving requirements for safety patterns like prompt injection defense, unsafe action prevention, tool-use controls, data exfiltration protection, auditability, and human-in-the-loop controls, as well as partnering with engineering and security teams on runtime enforcement, evaluations, red teaming, and feedback loops. The role also owns product strategy for regulated customer trust patterns and works directly with strategic customers to identify blockers and turn escalations into scalable platform capabilities.

What you'd actually do

  1. Own the Agentforce trust and guardrails product strategy across text, voice, image, tool use, data access, and emerging agent surfaces.
  2. Define the interaction between Salesforce-enforced platform controls and customer-configurable guardrails, including clear guidance for production deployments.
  3. Drive product requirements for agentic safety patterns such as prompt injection defense, unsafe action prevention, tool-use controls, policy enforcement, data exfiltration protection, auditability, and human-in-the-loop controls.
  4. Partner with engineering and security teams on runtime enforcement, evaluations, red teaming, telemetry, and safety feedback loops.
  5. Own the product strategy for regulated customer trust patterns, including OAuth, mTLS, Private Connect, provider-specific trust controls, regional constraints, and related enterprise security requirements.

Skills

Required

  • 8+ years of product management experience in enterprise software, security, AI platforms, developer platforms, or regulated SaaS environments.
  • Hands-on experience with AI trust and safety, agentic security, prompt injection, content safety, model behavior controls, policy enforcement, or related guardrail systems.
  • Understand how modern AI agents work, including LLMs, tools, retrieval, permissions, orchestration, memory/context, and runtime decisioning.
  • Operate technically with engineering teams and are comfortable prototyping, writing specs, reviewing system designs, or using code/scripts to validate a hypothesis.
  • Experience turning ambiguous customer escalations into clear product requirements and scalable platform capabilities.
  • Work across engineering, trust, security, legal, field, and customer executives without losing product judgment.
  • Communicate with precision and can explain complex AI and security concepts clearly to technical and non-technical audiences.
  • Comfortable doing unscalable customer work when needed, but always with the goal of extracting patterns that scale.
  • A related technical degree required.

Nice to have

  • Built or managed products involving AI agents, LLM safety, content moderation, identity/security controls, policy engines, evaluations, red teaming, or enterprise governance.
  • Experience with regulated industries such as healthcare, financial services, public sector, telecommunications, or critical infrastructure.
  • Worked with enterprise security protocols and deployment patterns such as OAuth, mTLS, Private Connect, private networking, tenant isolation, regional inference, or zero data retention.
  • Startup or zero-to-one product experience and can build from first principles in a fast-moving space.
  • Served as the bridge between strategic enterprise customers and engineering teams during high-stakes trust, safety, security, or compliance escalations.

What the JD emphasized

  • AI agents
  • trust and guardrails
  • regulated customers
  • prompt injection
  • unsafe tool use
  • data leakage
  • policy bypass
  • harmful outputs
  • over-permissioned actions
  • multimodal risks
  • healthcare
  • financial services
  • telecom
  • government
  • security-sensitive industries
  • runtime enforcement
  • evaluations
  • red teaming
  • auditability
  • human-in-the-loop controls
  • OAuth
  • mTLS
  • Private Connect
  • regional constraints
  • enterprise security requirements
  • customer escalations
  • product requirements
  • scalable platform capabilities
  • AI agents
  • LLM safety
  • content moderation
  • policy engines
  • evaluations
  • red teaming
  • enterprise governance
  • regulated industries
  • enterprise security protocols
  • deployment patterns
  • zero data retention
  • trust, safety, security, or compliance escalations

Other signals

  • AI agents
  • trust and guardrails
  • regulated customers
  • enterprise security