Staff Security Engineer, Product Security

Harmonic Security lets teams adopt AI tools safely by protecting sensitive data in real time with minimal effort. It gives enterprises full control and stops leaks so that their teams can innovate confidently.

We are led by cybersecurity experts and backed by top investors including N47, Ten Eleven Ventures, and In-Q-Tel.

As AI adoption accelerates inside the enterprise, Harmonic’s ability to safely observe, control, and enforce policy at the endpoint is mission-critical.

HOW WE WORK: AI-FIRST BY DESIGN

Harmonic exists to help enterprises adopt AI safely and at scale. We hold ourselves to the same standard. Everyone at Harmonic actively uses AI tools to do their best work, from research and writing to building processes and automating workflows. We expect every new hire to bring curiosity about AI and a willingness to use it to work smarter, faster, and more creatively. For some roles, that means tinkering and staying open to new tools. For others, it means building entirely new systems with AI at the core. We'll be clear about what we expect for each role, and we'll give you the tools and support to get there.

ABOUT THE TEAM

The Security & TechOps team builds the systems, tooling, and research that keep Harmonic secure, trusted, and able to move fast. We work across the entire lifecycle of how the company operates-from how we build software, to how we detect threats, to how we prove our security posture to customers, to how employees use the technology that powers their work.

We focus on enabling speed without sacrificing safety. That means creating secure-by-default engineering practices, building automation and detections that reduce manual work, researching emerging AI security risks, running assurance programmes like SOC 2 and ISO 27001, and shaping the internal platforms that help teams work efficiently and securely.

We’re a hands-on, engineering-first group. We avoid box-ticking and heavy process in favour of practical solutions, strong automation, and constant improvement. We collaborate closely across functions, operate with high ownership, and support each other through rapid growth. Our shared goal is to build the trust, systems, and capabilities that let Harmonic innovate confidently and at scale.

ABOUT THE ROLE

Our goal is simple: enable engineering teams to move fast and ship securely. We do this by creating the tools, standards, and systems that make secure development seamless. Whether it’s hardening pipelines, tuning detection tooling, or staying ahead of emerging AI risks, we build the connective tissue that keeps Harmonic’s products secure and trusted.

This team operates at the heart of our engineering culture - hands-on, collaborative, and pragmatic. We bridge the gap between security and development, helping both move faster and with more confidence.

We’re looking for a Staff Security Engineer, Product Security to shape how Harmonic builds secure products from the start. You’ll lead the creation of tools, standards, and practices that make secure development part of our everyday engineering workflow.

You’ll work closely with Engineering and DevOps to integrate security into design, build, and deployment. From managing code scanning and vulnerability tooling to supporting product pen tests and monitoring AI-related risks, you’ll help teams ship fast and safely while building lasting confidence in our products.

WHAT YOU’LL DO

• Act as the security partner to engineering - helping teams design, build, and ship securely without slowing down development.
• Drive and maintain the tooling that underpins product security - from code scanning and vulnerability detection to CI/CD hardening and reporting.
• Keep a close eye on our own AI systems and tools - monitoring emerging threats and ensuring our AI security posture evolves with the field.
• Lead threat modelling across the product - running structured STRIDE and LINDDUN assessments on new features and system designs, building repeatable templates, and using AI tooling to make it faster and more scalable. The goal is making threat modelling a normal part of how we build, not a separate event.
• Use AI to build and scale the product security function - integrating tools like Claude Code into security workflows, from automated threat modelling to building internal security tooling. A high-performing programme, not necessarily a large one.

WHAT YOU BRING

• Demonstrable software engineering experience in programming, application design and SLDC.
• Proven experience as a Product or Application Security Engineer in a modern engineering environment - you understand how products are built and shipped.
• Curiosity for emerging threats, especially around AI and ML systems, and a drive to keep our defences one step ahead.
• Excellent communicator who can translate between engineering, security, and go-to-market teams - clear, direct, and grounded in technical reality.
• Hands-on experience with structured threat modelling, including both security and privacy threat modelling methodologies (e.g. STRIDE, LINDDUN).
• Strong Claude Code or equivalent AI coding agent experience. Demonstrated use of agentic AI to build, automate, and accelerate security engineering work. This is a must-have.

YOU MIGHT BE A FIT IF YOU

• Like working closely with engineering teams to embed security into everyday development without slowing them down.
• Enjoy building and tuning security tools, pipelines, and dashboards that give developers useful signal - not noise.
• Can translate complex security risks into clear, actionable guidance for engineers and product teams.
• Want to shape how secure development happens in a high-growth, modern engineering organisation.
• Reach for Claude Code as a first instinct when building or automating something, and want to apply that to building a product security function that punches well above its weight

WHAT SUCCESS LOOKS LIKE (6-12 MONTHS)

• You'll have fine-tuned our default code security rules and enhanced how engineering teams engage with security scans. A measurable outcome is a significant reduction in raw security findings and a streamlined reporting process that meets engineers where they work.
• You'll have established a consistent and proportional approach to security in design reviews inc threat modelling, making these practices a routine part of engineering.
• You will have introduced automation into our product security workflows, reducing manual effort and allowing the team to focus on more strategic initiatives.
• Most importantly, you'll have introduced a top-tier AI development security programme to ensure our AI systems are safe, secure, and regularly reviewed as the tech landscape evolves.

WHY JOIN US

This isn’t just a job; it’s an opportunity to be part of a team that is redefining cybersecurity. We believe today’s talent is tomorrow’s success, and we’re committed to creating an environment where you can do the best work of your life.

• Competitive pay and meaningful equity with a direct stake in Harmonic’s success
• Comprehensive benefits, pension plan, generous PTO, and flexible hybrid work
• A small, passionate team that values transparency, creativity, and learning
• Thoughtful leadership that cares deeply about growth, impact, and people
• Annual global off-sites (past trips include Lisbon and Nashville)
• The chance to directly shape both our product and our culture as we build a category-defining company

HARMONIC'S CORE VALUES

🌱 FLOURISH IN THE UNKNOWN

We embrace new, unfamiliar situations that require initiative and rapid decision-making. We orient ourselves quickly and deliver results with minimal guidance.

🔥 NEVER FULL

We raise our hands, take on challenges, and assist others whenever possible. We hunger for opportunities to learn and do more.

🤝 PERFECT HARMONY

We support one another to create cohesion and unity. We collaborate openly, share feedback honestly, and help everyone produce their best work.