Harness

Senior Product Security Engineer

Harness

full-time

Posted on:

Location Type: Remote

Location: United States

Visit company website

Explore more

AI Apply
Apply

Salary

💰 $113,000 - $125,000 per year

Job Level

Senior

Tech Stack

AWSAzureCloudCyber SecurityGoogle Cloud PlatformJavaKubernetesSDLC

About the role

  • Design and develop product security APIs, tools, and utilities for internal and external stakeholders.
  • Conduct threat modeling and secure design reviews for application backend services and business integrations.
  • Perform advanced penetration tests and adversarial attack simulations against Harness modules, APIs, and codebase using industry-standard frameworks.
  • Lead manual and automated code review efforts to discover vulnerabilities, weaknesses, and anti-patterns in the Harness platform.
  • Implement and operate security tooling including SAST, DAST, and SCA, and integrate these into CI/CD pipelines.
  • Consult and advise developers and Product Managers on security standards, vulnerability remediation, and security architecture.
  • Assess risks and trade-offs, and propose solutions for product security features such as authentication and authorization.
  • Participate in the creation, review, and implementation of technical security standards across global engineering teams.
  • Use the Harness platform to integrate security processes like vulnerability management into the SDLC.
  • Collaborate cross-functionally with Engineering and Product to accelerate the release of software with security by design.

Requirements

  • BS in Computer Science or a related degree.
  • 5+ years of relevant industry experience with a strong security focus.
  • Solid experience with DevSecOps practices and secure SDLC methodologies.
  • Good working knowledge of cyber security frameworks including OWASP, SANS, NIST, and CIS.
  • Ability to describe software supply chain risks and Secure SDLC best practices.
  • Experience with public or private cloud environments such as K8s, AWS, GCP, or Azure.
  • Professional knowledge of enterprise applications, API development, and modern software delivery processes.
  • Previous experience in a cloud-native environment.
  • Proficiency in Java or a comparable language and object-oriented programming methodology.
  • Hands-on experience with security testing tools and vulnerability management workflows.
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
API developmentpenetration testingthreat modelingsecure design reviewsSASTDASTSCAJavaobject-oriented programmingDevSecOps
Soft Skills
consultingadvisingcollaborationrisk assessmentproblem-solving