Senior Product Security Engineer

6 days ago


Bengaluru, Karnataka, India Harness Full time ₹ 12,00,000 - ₹ 24,00,000 per year

Harness is a high-growth company that is disrupting the software delivery market. Our mission is to enable the 30 million software developers in the world to deliver code to their users reliably, efficiently, securely and quickly, increasing customers' pace of innovation while improving the developer experience. We offer solutions for every step of the software delivery lifecycle to build, test, secure, deploy and manage reliability, feature flags and cloud costs. The Harness Software Delivery Platform includes modules for CI, CD, Cloud Cost Management, Feature Flags, Service Reliability Management, Security Testing Orchestration, Chaos Engineering, Software Engineering Insights and continues to expand at an incredibly fast pace.

Harness is led by technologist and entrepreneur Jyoti Bansal, who founded AppDynamics and sold it to Cisco for $3.7B. We're backed with $425M in venture financing from top-tier VC and strategic firms, including J.P. Morgan, Capital One Ventures, Citi Ventures, ServiceNow, Splunk Ventures, Norwest Venture Partners, Adage Capital Partners, Balyasny Asset Management, Gaingels, Harmonic Growth Partners, Menlo Ventures, IVP, Unusual Ventures, GV (formerly Google Ventures), Alkeon Capital, Battery Ventures, Sorenson Capital, Thomvest Ventures and Silicon Valley Bank.

Overview:

The Senior Product Security Engineer will lead efforts to secure the Harness software by embedding security into every stage of the development lifecycle. This role involves vulnerability management, internal adoption of cutting-edge security solutions, and enabling teams to shift left on security while safeguarding the software supply chain.

Key Responsibilities
  • Lead identification, triage, and remediation of vulnerabilities across the Harness platform and modules, partnering with engineering teams to establish SLAs and track progress.
  • Collaborate with engineers to perform threat modeling for new and existing features, identifying risks early and providing actionable recommendations.
  • Promote and implement Harness STO and SCS modules internally to demonstrate security best practices and drive adoption.
  • Develop and integrate security controls and checks into CI/CD workflows to detect issues before deployment.
  • Establish robust processes for software supply chain security, including dependency management and artifact integrity verification using SLSA.
  • Stay updated on emerging threats targeting software supply chains and adjust strategies proactively.
  • Plan and execute periodic penetration tests to uncover vulnerabilities and validate security controls, working with internal teams and external testers.
  • Leverage expertise in security scanners and tools (e.g., SAST, DAST, IAST, SCA) to ensure consistent testing and reporting.
  • Evaluate and recommend security tools to align with organizational needs and improve testing coverage.
  • Partner with engineering, platform, and DevOps teams to foster a security-first mindset through training and enablement.
  • Support compliance initiatives by aligning product security practices with regulatory standards and maintaining audit documentation.
  • Participate in design and architecture reviews to identify and mitigate potential security weaknesses early in the development lifecycle.
  • Enhance automation for vulnerability management and reporting to improve visibility and response time.
  • Collaborate with incident response teams to investigate and remediate product-related security incidents.
Qualifications
  • Proven 4 to 6 years of experience in product security, vulnerability management, and secure software development lifecycle practices.
  • Hands-on expertise with security tools such as OWASP ZAP, Burp Suite, Prisma Cloud, Semgrep, or equivalent.
  • Strong understanding of CI/CD processes, tools (e.g., Jenkins, GitHub Actions, Harness), and shift-left security approaches.
  • Knowledge of secure coding practices, threat modeling methodologies, and supply chain security principles.
  • Familiarity with different types of security testing (SAST, DAST, IaC, SCA) and proficiency in evaluating scanning tools.
  • Experience scripting or coding in Python, Go, or for automation and security tooling.
  • Strong collaboration skills with engineering and DevOps teams to embed security practices effectively.
  • Passion for fostering a security-first culture through enablement, training, and continuous improvement.
  • Excellent communication skills to convey technical security concepts to diverse stakeholders.
  • Working knowledge of cloud environments (AWS, GCP, or Azure) and securing containerized applications (Docker, Kubernetes).
  • Experience scripting or automating security workflows using Python, Go, or similar languages.
  • Familiarity with modern IaC and cloud security scanning tools (e.g., Checkov, Prisma, Trivy).

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex or national origin.

Note on Fraudulent Recruiting/Offers

We have become aware that there may be fraudulent recruiting attempts being made by people posing as representatives of Harness. These scams may involve fake job postings, unsolicited emails, or messages claiming to be from our recruiters or hiring managers.

Please note, we do not ask for sensitive or financial information via chat, text, or social media, and any email communications will come from the domain Additionally, Harness will never ask for any payment, fee to be paid, or purchases to be made by a job applicant. All applicants are encouraged to apply directly to our open jobs via our website. Interviews are generally conducted via Zoom video conference unless the candidate requests other accommodations.

If you believe that you have been the target of an interview/offer scam by someone posing as a representative of Harness, please do not provide any personal or financial information and contact us immediately at . You can also find additional information about this type of scam and report any fraudulent employment offers via the Federal Trade Commission's website (, or you can contact your local law enforcement agency.


