Security Research Engineer Detection Engineering

Bengaluru - India

Monthly Salary: Not Disclosed

Posted on: Yesterday

Vacancies: 1 Vacancy

Job Summary

Harness is a high-growth company that is disrupting the software delivery market. Our mission is to enable the 30 million software developers in the world to deliver code to their users reliably efficiently securely and quickly increasing customers pace of innovation while improving the developer experience. We offer solutions for every step of the software delivery lifecycle to build test secure deploy and manage reliability feature flags and cloud costs. The Harness Software Delivery Platform includes modules for CI CD Cloud Cost Management Feature Flags Service Reliability Management Security Testing Orchestration Chaos Engineering Software Engineering Insights and continues to expand at an incredibly fast pace.

Harness is led by technologist and entrepreneur Jyoti Bansal who founded AppDynamics and sold it to Cisco for $3.7B. Were backed with $425M in venture financing from top-tier VC and strategic firms including J.P. Morgan Capital One Ventures Citi Ventures ServiceNow Splunk Ventures Norwest Venture Partners Adage Capital Partners Balyasny Asset Management Gaingels Harmonic Growth Partners Menlo Ventures IVP Unusual Ventures GV (formerly Google Ventures) Alkeon Capital Battery Ventures Sorenson Capital Thomvest Ventures and Silicon Valley Bank.

Key Responsibilities

Develop optimize and maintain detection rules and signatures for all detection and edge defences.
Develop context-enriched detections by leveraging user behavior analytics traffic fingerprints and API interaction context.
Build and enhance Bot detection logic identifying automated threats such as credential stuffing scraping API abuse and fraud automation.
Create correlation logic that combines multiple weak indicators (behavioral request session and IP signals) into high-confidence detections.
Research design and codify detections for the OWASP Top 10 OWASP API Top 10 and bot-driven attack vectors.
Analyze large-scale security event telemetry to identify detection gaps optimize existing rules and reduce false positives.
Collaborate with Engineering and Data Science teams to operationalize detection intelligence into Traceables engines.
Continuously tune and validate detection rulesets based on real-world traffic diverse customer environments and evolving attacker behaviors.
Build automation pipelines and validation frameworks to test detection logic and correlation performance.
Investigate false positive/negative trends and contribute to detection precision metrics.
Analyze CVEs and emerging vulnerabilities build proactive defenses and publish research blogs or advisories based on findings.
Contribute to product-level improvements by feeding back research insights into feature design and detection capabilities.

Required Skills & Experience

1 - 4 years of experience in security research detection engineering.
Strong background in WAF/WAAP detection Bot detection.
Hands-on experience writing rule logic:

Coreruleset experience
Deep understanding of regex

Deep understanding of HTTP API protocols and common web attack payloads (XSS SQLi SSRF Command Injection Deserialization etc.).
Deep understanding of API Attack methodologies including OWASP API Top 10.
Knowledge of GraphQL gRPC and other protocols.
Working knowledge of Bot behavior analysis traffic fingerprinting anti-automation and CAPTCHA evasion tactics.
Strong analytical ability to review false positives/negatives perform event triage and fine-tune detection coverage.
Familiarity with API abuse detection authentication attacks and session-based correlation logic.
Experience leveraging machine learning models or heuristic scoring for anomaly detection.
Experience with writing signatures for any product.
Experience building or tuning detection for OWASP Top 10 and API Top 10 categories.
Understanding of alert workflows and signal correlations.
Proficiency in Java and Python for prototyping and automating rule validation workflows.
Excellent communication documentation and cross-functional collaboration skills.

Nice to Have

Contributions to open-source security projects especially those related to the OWASP Top 10 or OWASP API Top 10.
Experience developing custom WAF/WAAP rule engines threat classifiers or signal correlation pipelines.
Background in API security runtime protection or detection engineering at scale.
Authored publications technical blogs or delivered conference talks.

Harness in the news:

Harness AI Tackles Software Developments Real Bottleneck
After Vibe Coding Comes Vibe Testing (Almost)
Startup Within a Startup: Empowering Intrapreneurs for Scalable Innovation - Jyoti Bansal (Harness)
Jyoti Bansal Harness theCUBEd Awards
Eight years after selling AppDynamics to Cisco Jyoti Bansal is pursuing an unusual merger
Harness snags as it goes all in on feature flags and experiments
Exclusive: Jyoti Bansal-led Harness has raised $150 million in debt financing

All qualified applicants will receive consideration for employment without regard to race color religion sex or national origin.

Note on Fraudulent Recruiting/Offers

We have become aware that there may be fraudulent recruiting attempts being made by people posing as representatives of Harness. These scams may involve fake job postings unsolicited emails or messages claiming to be from our recruiters or hiring managers.

Please note we do not ask for sensitive or financial information via chat text or social media and any email communications will come from the domain @. Additionally Harness will never ask for any payment fee to be paid or purchases to be made by a job applicant. All applicants are encouraged to apply directly to our open jobs via our website. Interviews are generally conducted via Zoom video conference unless the candidate requests other accommodations.

If you believe that you have been the target of an interview/offer scam by someone posing as a representative of Harness please do not provide any personal or financial information and contact us immediately at. You can also find additional information about this type of scam and report any fraudulent employment offers via the Federal Trade Commissions website ( or you can contact your local law enforcement agency.

Key Responsibilities

Develop optimize and maintain detection rules and signatures for all detection and edge defences.
Develop context-enriched detections by leveraging user behavior analytics traffic fingerprints and API interaction context.
Build and enhance Bot detection logic identifying automated threats such as credential stuffing scraping API abuse and fraud automation.
Create correlation logic that combines multiple weak indicators (behavioral request session and IP signals) into high-confidence detections.
Research design and codify detections for the OWASP Top 10 OWASP API Top 10 and bot-driven attack vectors.
Analyze large-scale security event telemetry to identify detection gaps optimize existing rules and reduce false positives.
Collaborate with Engineering and Data Science teams to operationalize detection intelligence into Traceables engines.
Continuously tune and validate detection rulesets based on real-world traffic diverse customer environments and evolving attacker behaviors.
Build automation pipelines and validation frameworks to test detection logic and correlation performance.
Investigate false positive/negative trends and contribute to detection precision metrics.
Analyze CVEs and emerging vulnerabilities build proactive defenses and publish research blogs or advisories based on findings.
Contribute to product-level improvements by feeding back research insights into feature design and detection capabilities.

Required Skills & Experience

1 - 4 years of experience in security research detection engineering.
Strong background in WAF/WAAP detection Bot detection.
Hands-on experience writing rule logic:

Coreruleset experience
Deep understanding of regex

Deep understanding of HTTP API protocols and common web attack payloads (XSS SQLi SSRF Command Injection Deserialization etc.).
Deep understanding of API Attack methodologies including OWASP API Top 10.
Knowledge of GraphQL gRPC and other protocols.
Working knowledge of Bot behavior analysis traffic fingerprinting anti-automation and CAPTCHA evasion tactics.
Strong analytical ability to review false positives/negatives perform event triage and fine-tune detection coverage.
Familiarity with API abuse detection authentication attacks and session-based correlation logic.
Experience leveraging machine learning models or heuristic scoring for anomaly detection.
Experience with writing signatures for any product.
Experience building or tuning detection for OWASP Top 10 and API Top 10 categories.
Understanding of alert workflows and signal correlations.
Proficiency in Java and Python for prototyping and automating rule validation workflows.
Excellent communication documentation and cross-functional collaboration skills.

Nice to Have

Contributions to open-source security projects especially those related to the OWASP Top 10 or OWASP API Top 10.
Experience developing custom WAF/WAAP rule engines threat classifiers or signal correlation pipelines.
Background in API security runtime protection or detection engineering at scale.
Authored publications technical blogs or delivered conference talks.