PTC
Staff Product Security Engineer
Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
About PTC
PTC Inc. is a global software company based in Boston, Massachusetts, founded in 1985. The company specializes in product lifecycle management (PLM), computer-aided design (CAD), Internet of Things (IoT), augmented reality (AR), and service lifecycle management (SLM). PTC aims to help industrial companies digitally transform their product development, manufacturing, and service operations. The company is known for its innovative software solutions, including Creo for CAD, Windchill for PLM, and ThingWorx for IoT and AR. PTC's products support discrete manufacturers in managing complex products and optimizing processes for cost reduction and quality consistency. With a focus on sustainability and social impact, PTC serves a wide range of industries, including aerospace, automotive, and electronics, and counts 95% of Fortune 500 discrete manufacturing companies among its customers.
Security at PTC
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
- Security is at the core of everything PTC does.
- The organization emphasizes streamlining developer workflows while maintaining security.
- The philosophy includes enhancing platform security through expanded support for Content Security Policy (CSP), and reducing time-to-detect and time-to-remediate through automation.
Security Team
- AppSec team size estimated at 15-25 members based on LinkedIn searches.
- Led by Vineet Khokhar, Senior Director, Product Security.
- Currently 1 active job posting.
- Team focuses on integrating SAST, DAST, SCA, and secrets scanning tools in CI/CD pipelines.
Key Initiatives
- PTC integrates Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) throughout the development cycle.
- The company maintains a coordinated vulnerability disclosure program and has active remediation processes for critical vulnerabilities.
- Recent initiatives include remediation and advisory publishing for Windchill and FlexPLM critical vulnerabilities (March 2026).
- Focus on shift-left security practices with SAST, DAST, SCA, and secrets scanning tools integrated in CI/CD.