Job Description
Join us at Zendesk, where we're on a mission to power exceptional service for every person on the planet. We're accelerating that ambition by building products rooted in AI, automation, and intelligent customer experiences, because behind every interaction lies an opportunity to make a human connection.
We’re seeking a Staff Security Engineer (P8) to join our Threat Prevention Engineering (TPE) team, part of Zendesk’s Cyber Defense Fusion Center (CDFC). In this role you’ll own and drive large-scale security engineering initiatives that blend modern detection, automation, and AI-assisted workflows to reduce risk and improve our ability to detect, investigate, and respond to threats across Zendesk’s cloud and platform environments.
Problems you’ll solve
- **AI Capability Gap: **AI is already woven into how our team works. This role brings the focused technical leadership needed to push that further, owning the roadmap, driving intentional adoption, and turning emerging AI patterns into mature, production-grade security capabilities.
- **Engineering Capacity & Delivery Velocity: **There's more high-priority work than the team can currently absorb. You'll close that gap directly through delivery and indirectly by multiplying what the people around you can accomplish.
- **Organizational Integration & Control Coverage: **A newly absorbed team has created real gaps in control coverage and tooling alignment. You'll own the engineering work that closes them in a structured, risk-prioritized way.
- **Legacy Technical Debt: **Several critical systems are overdue for modernization. You'll lead phased migrations to cloud-native architectures without disrupting what's already running.
Scale of systems you’ll own
- Enterprise-scale security data pipelines ingesting and processing telemetry across a large, multi-cloud environment
- Kubernetes-native, AWS-hosted containerized security services spanning EKS, Lambda, and supporting infrastructure
- A cross-platform tooling ecosystem covering detection, response, cloud security, and threat intelligence that the entire security organization depends on
- A centralized agentic automation platform that security engineers and analysts rely on daily to move faster and work smarter
- A team-wide AI strategy and roadmap that shapes how every engineer on the team applies AI to security problems
- An organizational control framework enforcing technical standards and integrations across multiple business units
What you’ll be doing
- You'll own the team's AI strategic roadmap, from evaluating emerging frameworks and running proof-of-concepts through shipping agentic and AI-powered capabilities into production
- You'll architect and operate the cloud-native security data infrastructure the team depends on, including detection pipelines, log management, telemetry collection, and data rehydration at enterprise scale
- Complex, multi-phase security engineering initiatives will be yours to lead. That means design, stakeholder alignment, phased migrations, and seeing things through to production without disrupting what's already running
- You'll build automation-first security workflows, including AI-assisted triage and agentic automations that reduce manual effort and make the team faster
- You'll work closely with engineering, platform, cloud, and newly integrated teams to align controls, tooling, and workflows across the organization
- You'll set technical direction and raise the bar for the team, mentoring peers in modern security engineering practices and AI tooling adoption
- You'll define and track the metrics that actually reflect security outcomes, and use that data to drive continuous improvement
What you bring to the role
- You have 8+ years in security or software engineering and have genuinely operated at Staff or Senior scope, owning hard multi-phase projects from whiteboard to production with real outcomes to show for it
- You write production-grade Go and/or Python and have built security tooling that people actually rely on, not just proof-of-concepts
- You're comfortable designing and running containerized workloads on Kubernetes/EKS and building on cloud-native AWS services
- Security fundamentals are second nature: threat modeling, controls architecture, identity and access patterns, and layered defense aren't things you look up
- You've built and maintained security data pipelines and log infrastructure at scale and understand the operational realities that come with it
- You default to automation and code over manual processes. APIs, IaC, and programmatic integrations are how you think about solving problems
- You've moved beyond AI curiosity. You've shipped AI and agentic workflows in real environments and know what governance and validation actually look like in practice
- People follow your technical lead without you needing a title to back it up. You communicate clearly, mentor naturally, and make the teams around you better
Preferred Qualifications
- Familiarity with MCP (Model Context Protocol) or experience building agentic AI integrations.
- Familiarity with common enterprise security platforms across multiple domains, including endpoint detection and response (EDR), SIEM, SOAR, cloud security posture management, threat intelligence, and data analytics.
- Background in detection engineering (detection logic design, alert tuning, false-positive reduction) and SOC collaboration.
- Experience designing and operating security data lakes, log rehydration strategies, and large-scale telemetry infrastructure.
- Relevant certifications (CISSP, OSCP, AWS Security Specialty) or experience at a enterprise-scale SaaS company.
AI literacy (core expectation)
- AI competency is required. Candidates must be comfortable evaluating and integrating AI/LLM tooling into security workflows, building agentic and automated solutions, and establishing validation, governance, and privacy safeguards. You should be able to demonstrate practical, production-oriented uses of AI that improved security outcomes or delivery velocity.
Where and how you'll work
- You'll be part of the Threat Prevention Engineering team, a tight-knit & high impact group of six embedded within Zendesk's broader ~40-person Cyber Defense Fusion Center. This is a hybrid role based in Krakow, with two days per week in the office.
Leveling alignment
- This role maps to P8 (Staff Security Engineer) in Zendesk’s Job Family Architecture Library: a senior individual contributor responsible for setting technical direction, delivering enterprise-impacting solutions, mentoring others, and influencing cross-team strategy.
The Poland annualized base salary range for this position is zł304,000.00-zł456,000.00. Please note that while the salary range represents the minimum and maximum base salary rate for this position, the actual compensation offered will be based on job related capabilities, applicable experience, and other relevant factors. This position may also be eligible for bonus, benefits, or related incentives that will be communicated during the offer stage.
Hybrid: In this role, our hybrid experience is designed at the team level to give you a rich onsite experience packed with connection, collaboration, learning, and celebration - while also giving you flexibility to work remotely for part of the week. This role must attend our local office for part of the week. The specific in-office schedule is to be determined by the hiring manager.
The intelligent heart of customer experience
Zendesk software was built to bring a sense of calm to the chaotic world of customer service. Today we power billions of conversations with brands you know and love.
Zendesk believes in offering our people a fulfilling and inclusive experience. Our hybrid way of working, enables us to purposefully come together in person, at one of our many Zendesk offices around the world, to connect, collaborate and learn whilst also giving our people the flexibility to work remotely for part of the week.
As part of our commitment to fairness and transparency, we inform all applicants that artificial intelligence (AI) or automated decision systems may be used to screen or evaluate applications for this position, in accordance with Company guidelines and applicable law.
Zendesk is an equal opportunity employer, and we’re proud of our ongoing efforts to foster global diversity, equity, & inclusion in the workplace. Individuals seeking employment and employees at Zendesk are considered without regard to race, color, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, disability, military or veteran status, or any other characteristic protected by applicable law. We are an AA/EEO/Veterans/Disabled employer. If you are based in the United States and would like more information about your EEO rights under the law, please click here.
Zendesk endeavors to make reasonable accommodations for applicants with disabilities and disabled veterans pursuant to applicable federal and state law. If you are an individual with a disability and require a reasonable accommodation to submit this application, complete any pre-employment testing, or otherwise participate in the employee selection process, please send an e-mail to peopleandplaces@zendesk.com with your specific accommodation request.