Senior Software Engineer(Security/Automation) - Customer Engineering(AppSec)

About the Role

We are looking for a skilled Senior Software Engineer/Software Engineer who will be responsible for supporting our customers to implement and manage security tools within CI/CD pipelines, and who is also capable of real-time technical troubleshooting.

This role involves deep technical analysis, real-time troubleshooting of production issues, and the critical design and implementation of security orchestration across customer CI/CD pipelines, integrating tools for SAST, DAST, and SCA to enhance their software supply chain posture and compliance. You will work closely with customers to ensure seamless product operation, create diagnostic and recovery scripts, and contribute to automating deployment, monitoring, and issue-resolution workflows.

Key Responsibilities

• Work closely with customer teams to identify, diagnose, and resolve product-related issues in real-time production environments.
• Provide technical assistance and troubleshooting support to customers during on-prem and cloud environments.
• Design and implement orchestration of multiple security scanners (SAST, DAST, SCA, container, config, secret scans) in CI/CD pipelines.
• Monitor and mitigate open-source and third-party component risks (licensing, vulnerabilities, dependency health).
• Build visibility dashboards showing supply-chain posture, risk scoring, and compliance metrics.
• Collaborate with Engineering, Security, and DevOps to embed security seamlessly across workflows.
• Analyze logs, metrics, and configurations to troubleshoot performance, networking, and connectivity issues.
• Maintain a deep understanding of customer environments and guide them through best practices.
• Document issues, workarounds, and solutions in internal knowledge bases to drive continuous improvement.

About You

• 4+ years in a technical support, DevOps, or Security and system administration role.
• Hands-on experience in CI/CD pipelines, build systems, integrating security scanning as part of DevSecOps practices.
• Strong understanding of security testing types: SAST, DAST, SCA, container/image scanning, configuration scans.
• Hands-on experience in Appsec tools like Checkmarx, Blackduck , Snyk, Veracode, etc
• Experience with dashboards, reporting vulnerability trends, vulnerability triaging and remediation.
• A deep understanding of what SBOMs are, hands-on experience with standard SBOM formats such as SPDX and CycloneDX. The ability to generate, ingest, and manage SBOMs from various third-party and native tools.
• Familiarity with OWASP standards, including OWASP GenAI Security, OWASP LLM Top 10, OWASP API Top 10, OWASP Top 10.
• Strong scripting or automation background (e.g., Python, Bash, Groovy, YAML).
• Strong foundational knowledge of networking concepts and protocols is mandatory for debugging connectivity issues within complex distributed systems.
• Working knowledge of at least one major cloud provider (AWS, Azure, or GCP) and experience troubleshooting cloud-based infrastructure.
• Soft Skills: Excellent verbal and written communication skills with a strong customer-centric approach. 
• Problem-Solving: Strong analytical and debugging skills with a relentless drive to solve complex, ambiguous technical problems.
• Adaptability: Demonstrates strong adaptability and a proven ability to quickly grasp new technologies.

Nice to Have

• Experience working with AI and security products is a plus

Location

• Bangalore, India

What You Will Have at Harness

• Experience building a transformative product
• End-to-end ownership of your projects
• Competitive salary
• Comprehensive healthcare benefit
• Flexible work schedule
• Quarterly Harness TGIF-Off / 4 days
• Paid Time Off and Parental Leave
• Monthly, quarterly, and annual social and team building events
• Monthly internet reimbursement