Harness - posted 2 months ago
$150,000 - $226,000/Yr
Senior
Mountain View, CA
1,001-5,000 employees

Harness is expanding into DevSecOps with the integration of Traceable, and we're hiring a Staff or Principal Security Research Engineer to help lead the charge. This is a rare opportunity to work with visionary leaders like Jyoti Bansal and help shape security across the modern software delivery lifecycle—from code to cloud. You'll drive research into cutting-edge threats targeting APIs, CI/CD pipelines, and emerging technologies like LLMs. Your work will directly influence product direction, detection capabilities, and customer protection strategies. This is a hands-on, high-impact role where you’ll collaborate across teams, interface with top-tier customers, and represent Harness at leading security conferences. If you're passionate about solving hard security problems at scale, this role puts you at the center of innovation in a fast-growing DevSecOps platform.

  • Conduct cutting-edge research on modern attack vectors across AppSec, CI/CD pipelines, runtime environments, and emerging technologies like LLMs
  • Develop and refine advanced exploit techniques to prevent attacks targeting software delivery and runtime, from code to cloud
  • Collaborate with research, product and engineering to prototype and implement detection and mitigation strategies for emerging threats
  • Perform in-depth security assessments and penetration testing of web applications, APIs, build systems, and cloud-native environments
  • Engage with customers to understand their application landscape and provide expert guidance on integrating product capabilities with their security requirements
  • Support pre-sales, POCs, and post-sales engagements by troubleshooting and solving complex detection and protection challenges
  • Build internal tools to automate and enhance security research workflows
  • Evangelize our research and platform through blogs, white papers, and talks at premier security conferences
  • Analyze global cybersecurity incidents to extract learnings and apply them across domains
  • Bachelor's or Master's degree in Computer Science
  • 8-10+ years of work experience
  • Deep expertise with modern application stacks (microservices, containers, Kubernetes, cloud platforms like AWS/GCP)
  • Prior development experience and a fair understanding of programming languages and frameworks are a must
  • Proficient in at least one modern programming language (Python, Go, Java, JavaScript, etc.)
  • Demonstrated experience in penetration testing, vulnerability research, and exploitation of Web/API ecosystems
  • Strong foundation in computer science fundamentals and in identity-aware, network, application and runtime security
  • Strong experience with various pen testing tools like Burp Suite, ZAP, etc.
  • Strong applied knowledge of attacks in the Web/API ecosystem: web attacks, API attacks, API abuse, API fraud, ATO, etc.
  • Strong knowledge of modern application security threats and mitigation platforms (WAFs, WAAP, RASP, etc.)
  • Working knowledge of IAST, DAST, and SAST
  • Experience in responsible disclosure of vulnerabilities and a track record of CVEs or similar
  • Proven track record of publishing high-quality research or presenting at top security conferences (e.g., Black Hat, DEF CON, RSAC, BSides) is a strong plus
  • Certifications such as CEH, OSCP, OSCE, or relevant security credentials
  • Strong analytical skills and the ability to conduct complex security research autonomously
  • Ability to work autonomously and drive complex security investigations from hypothesis to implementation
  • $150,000—$226,000 USD