Harness is the AI Software Delivery Platform company, led by technologist and entrepreneur Jyoti Bansal (founder of App Dynamics, acquired by Cisco for $3.7B). Harness has raised approximately $570M in funding and is valued at $5.5B, backed by leading investors including Goldman Sachs, Menlo Ventures, IVP, Unusual Ventures, Citi Ventures, and more. As AI accelerates code creation, the real bottleneck has shifted to everything after the code – testing, deployments, application security, reliability, compliance, and cost optimization. Harness brings AI and automation to this “outer loop,” helping teams ship software faster while maintaining security and governance throughout the entire software delivery lifecycle.

Powered by Harness AI and the Software Delivery Knowledge Graph, the Harness Platform applies deep context and intelligent automation across the software delivery lifecycle with governance and policy-driven controls embedded throughout the platform.

Over the past year, Harness powered over 185M deployments, 82M builds, 18T flag evaluations, 8M security scans, 9.1B optimized tests, 3T protected API calls, and helped manage $2.8B in cloud spend — enabling customers like United Airlines, Morningstar, and Choice Hotels to accelerate releases by up to 75%, reduce cloud costs by up to 60%, and achieve 10x DevOps efficiency.

With a global team across 26 offices and 25 countries, Harness is shaping the future of AI software delivery — and we’re looking for exceptional talent to help us move even faster.

About the Role

Product Security is responsible for ensuring the continuous security of Harness customer-facing products and internal tools. The team is focused on proactively discovering security weaknesses, driving and advising risk remediation, building a paved road for developers to adopt secure development practices, and developing partnerships with engineering and product teams to accelerate the release of software with security by design.

The Staff Product Security Engineer is a senior individual contributor who sets the technical direction for Harness's product security posture. You will define programs, lead complex cross-team initiatives, and make foundational decisions that protect our platform and customers at scale. You operate with significant autonomy, are expected to influence engineering culture, and are the go-to authority on security architecture and strategy.

What You Will Do

• Design and develop product security APIs, tools, and utilities for internal and external stakeholders.
• Conduct threat modeling and secure design reviews for application backend services and business integrations.
• Perform advanced penetration tests and adversarial attack simulations against Harness modules, APIs, and codebase using industry-standard frameworks.
• Lead manual and automated code review efforts to discover vulnerabilities, weaknesses, and anti-patterns in the Harness platform.
• Implement and operate security tooling including SAST, DAST, and SCA, and integrate these into CI/CD pipelines.
• Consult and advise developers and Product Managers on security standards, vulnerability remediation, and security architecture.
• Assess risks and trade-offs, and propose solutions for product security features such as authentication and authorization.
• Participate in the creation, review, and implementation of technical security standards across global engineering teams.
• Use the Harness platform to integrate security processes like vulnerability management into the SDLC.
• Collaborate cross-functionally with Engineering and Product to accelerate the release of software with security by design.

About You

• BS in Computer Science or a related degree.
• 5+ years of relevant industry experience with a strong security focus.
• Solid experience with Dev Sec Ops practices and secure SDLC methodologies.
• Good working knowledge of cyber security frameworks including OWASP, SANS, NIST, and CIS.
• Ability to describe software supply chain risks and Secure SDLC best practices.
• Experience with public or private cloud environments such as K8s, AWS, GCP, or Azure.
• Professional knowledge of enterprise applications, API development, and modern software delivery processes.
• Previous experience in a cloud-native environment.
• Proficiency in Java or a comparable language and object-oriented programming methodology.
• Hands-on experience with security testing tools and vulnerability management workflows.

Pay transparency

$180,000—$200,000 USD

Harness in the news:

• Accelerating Our Mission to Bring AI to Everything After Code
• Goldman Sachs leads investment in software delivery startup Harness at $5.5 billion valuation
• How Harness runs 16 “startups within a startup” at scale | Jyoti Bansal
• Harness Research Shows AI Visibility Crisis Fueling Security Nightmare
• Harness has been named to the Inc. Power Partner list for software delivery success

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex or national origin.

Note on Fraudulent Recruiting/Offers

We have become aware that there may be fraudulent recruiting attempts being made by people posing as representatives of Harness. These scams may involve fake job postings, unsolicited emails, or messages claiming to be from our recruiters or hiring managers.

Please note, we do not ask for sensitive or financial information via chat, text, or social media, and any email communications will come from the domain @harness.io. Additionally, Harness will never ask for any payment, fee to be paid, or purchases to be made by a job applicant. All applicants are encouraged to apply directly to our open jobs via our website. Interviews are generally conducted via Zoom video conference unless the candidate requests other accommodations.

If you believe that you have been the target of an interview/offer scam by someone posing as a representative of Harness, please do not provide any personal or financial information and contact us immediately at security@harness.io. You can also find additional information about this type of scam and report any fraudulent employment offers via the Federal Trade Commission’s website (https://consumer.ftc.gov/articles/job-scams)), or you can contact your local law enforcement agency.