A Security Analyst works within the Security & Compliance department and across the business to build and operate security and compliance programs at scale. Using industry standards and best practices, a Security Analyst is responsible for delivering security projects, programs, and continuous compliance at scale. We’re looking for candidates with experience implementing and managing security programs, and with a drive to elevate security controls across the estate.

As a Security Analyst, you will lead efforts to discover and reduce risk, implement business and technical processes, and acquire and maintain compliance certifications. You’ll use technology to design solutions that enable Harness’ security goals, and collaborate directly with engineering teams to Get Ship Done. You will be responsible for defining, documenting, and implementing technical security and compliance controls, and measuring the effectiveness of Harness’ security programs.

• Deliver risk assessments and advisory across our technical environments and business process.
• Facilitate engagement with external suppliers, auditors, and customers/prospects.
• Partner with security and engineering colleagues to continuously monitor and manage security controls.
• Own and improve components of the supply chain security and vendor risk management process.
• Drive security and compliance across the business through empathetic partnership.
• Contribute precise and actionable analysis to enable security and privacy by design for engineering and business initiatives.
• Measure control and program effectiveness, and recommend new strategies to manage risk.

• You have 1-4 years of relevant industry experience.
• You have a basic understanding of enterprise SaaS applications and infrastructure.
• You have previous experience in a cloud-native environment (AWS, GCP, or Azure).
• You want to work in a high-growth environment and build new programs from scratch.
• You care about the details, and are willing to ask questions when you’re unsure.
• You are comfortable handling the unknown, and seek to bring clarity in ambiguous situations.

Bonus Points!

• You are familiar with what’s going on under the hood of an AWS or GCP console, and can speak to best practices for configuration and management.
• You have expertise with one or more industry regulations and compliance certifications (ISO 27001, SOC 2, FedRAMP, etc.)
• You hold relevant security or technical certifications (CISA, CISSP, AWS/GCP Professional).
• You are eager to learn, and to share your knowledge with colleagues.
• You like to automate the boring stuff.

Work Location

We are looking for someone who will work onsite (Hybrid- 3 days a week) from one of our offices within North America (San Francisco, Mountain View, or Dallas).

What you will have at Harness

• Competitive salary and early-stage stock options
• Comprehensive healthcare benefits
• Flexible Spending Account (FSA)
• Flexible work schedule
• Employee Assistance Program (EAP)
• Paid Time Off and Parental Leave
• Monthly, quarterly, and annual social and team building events
• TGIF-Off program
• Remote office stipend
• Monthly internet reimbursement
• Monthly Food & Beverage Reimbursement Program

Harness in the news:

• Harness Snags $230 Series D - $3.7B Valuation
• Harness Recognized in Inc.'s Best Workplace Awards 2022
• Harness on LinkedIn: America's Great Companies to Work For -- And What You Can Learn From
• #6 - Glassdoor Best Places to Work 2021 list
• #17 on Forbes Top 50 Cloud Companies to Work For
• #47 on LinkedIn’ Top 50 Companies to Work For
• #2 on Quartz 2021 list best places to work for remote workers
• 2021 Career Launching Companies List

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex or national origin.