Senior Security Analyst
Harness
Harness is led by technologist and entrepreneur Jyoti Bansal, founder of AppDynamics (acquired by Cisco for $3.7B). The company has raised ~$570M in Series E venture funding, is valued at $5.5B, and backed by top investors including Goldman Sachs, Menlo Ventures, IVP, Google Ventures, J.P. Morgan, Capital One Ventures, Citi Ventures, ServiceNow, Splunk Ventures and more. Harness is building the industry’s leading AI-powered software delivery platform, enabling teams worldwide to build, test, and deliver software faster, safer, and more reliably. Writing code is only 30–40% of the engineering lifecycle — the rest involves testing, deployments, security, compliance, and optimization. Harness brings AI and automation to this outer loop, turning complex, time-consuming workflows into streamlined processes at massive global scale.
The platform includes industry leading products in CI/CD, Feature Flags, Cloud Cost Management, Service Reliability, Chaos Engineering, Software Engineering Insights, Internal Developer Experience, and API discovery, observability, governance, and runtime protection. Over the past year, Harness powered 128M deployments, 81M builds, 1.2T API calls protected, and $1.9B in cloud spend optimized, helping customers like United Airlines and Choice Hotels accelerate releases by up to 75% and achieve 10x DevOps efficiency. With employees in over 25 countries, Harness is shaping the future of AI-driven software delivery — and we’re looking for exceptional talent to help us move even faster.
Position Summary
A Senior Security Analyst will be a member of the GRC team working within the Information Security organization and across the business to advise, build, and operate security and compliance programs at scale. Utilizing in-depth expertise across multiple disciplines, a Senior Security Analyst is responsible for executing various components of Harness’ security posture and overseeing end-to-end solutions to complex problems.
As a Senior Security Analyst, you will lead security efforts to acquire and maintain compliance certifications (e.g., SOC 2, ISO 27001, ISO 27017, ISO 27018 +), design solutions that enable Harness’ security goals, and collaborate directly with business and engineering teams to preserve velocity while ensuring security. You will be responsible for defining and implementing security and compliance capabilities, as well as leading efforts to provide transparency to customers, prospects, and internal stakeholders.About the role
- Contribute precise and actionable guidance to ensure security and privacy by design for engineering and business initiatives;
- Lead and deliver internal and external audits, risk assessments, and annual compliance certifications across the technical estate;
- Execute core security capabilities such as policy and procedure development, and security awareness and training requirements;
- Support customer trust initiatives such as reviewing contracts for security and privacy requirements, completing questionnaires and requests, and maintaining our customer trust portal;
- Continuously monitor and manage supply chain security and vendor risk management;
- Drive security and compliance across the business through empathetic partnership.
- Measure control and program effectiveness, recommending new strategies to manage risk;
- Articulate Harness’s security capabilities and controls to enterprise customers or auditors; and
- Identify security gaps, develop or support the development of a path forward to address them, and ensure the plan is fully executed and working as intended.
About you
- You have at least 3-5 years of relevant industry experience.
- You have exposure to industry regulations, frameworks, and compliance certifications (ISO 27001, SOC 2, PCI, NIST, FedRAMP, SOX, etc.);
- You have previous experience in a cloud-native environment (AWS, GCP, or Azure);
- You have previous experience assessing and utilizing AI in a secure environment.
- You have exposure to or experience with Kubernetes, SBOMs, SLSA, and/or DLP
- You have previous experience with GRC tools or building automation.
- You have a strong cybersecurity acumen.
- You have a solid technical proficiency.
- You want to work in a high-growth environment and build new programs from scratch;
- You have a keen attention to detail.
- You are comfortable handling the unknown, and you can bring clarity to ambiguous situations; and,
- You are proactive, results-driven, and an excellent collaborator and communicator.
Bonus Points!
- You hold relevant security or technical certifications (ISO 27001 Lead Implementer or Lead Auditor, CISA, CISSP, AWS/GCP Professional).
- You are familiar with what’s going on under the hood of the AWS or GCP console and can speak to best practices for configuration and management.
- You are eager to learn and to invest your knowledge in junior colleagues.
- You like to automate the boring stuff.
Work Location
- Argentina
Harness in the news:
- Accelerating Our Mission to Bring AI to Everything After Code
- Goldman Sachs leads investment in software delivery startup Harness at $5.5 billion valuation
- How Harness runs 16 “startups within a startup” at scale | Jyoti Bansal
- Harness Research Shows AI Visibility Crisis Fueling Security Nightmare
- Harness has been named to the Inc. Power Partner list for software delivery success
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex or national origin.
Note on Fraudulent Recruiting/Offers
We have become aware that there may be fraudulent recruiting attempts being made by people posing as representatives of Harness. These scams may involve fake job postings, unsolicited emails, or messages claiming to be from our recruiters or hiring managers.
Please note, we do not ask for sensitive or financial information via chat, text, or social media, and any email communications will come from the domain @harness.io. Additionally, Harness will never ask for any payment, fee to be paid, or purchases to be made by a job applicant. All applicants are encouraged to apply directly to our open jobs via our website. Interviews are generally conducted via Zoom video conference unless the candidate requests other accommodations.
If you believe that you have been the target of an interview/offer scam by someone posing as a representative of Harness, please do not provide any personal or financial information and contact us immediately at security@harness.io. You can also find additional information about this type of scam and report any fraudulent employment offers via the Federal Trade Commission’s website (https://consumer.ftc.gov/articles/job-scams), or you can contact your local law enforcement agency.