Staff Product Manager AppSec

Bengaluru - India

Monthly Salary: Not Disclosed

Posted on: 18 hours ago

Vacancies: 1 Vacancy

Job Summary

Harness is led by technologist and entrepreneur Jyoti Bansal founder of AppDynamics (acquired by Cisco for $3.7B). The company has raised $240M in Series E venture funding is valued at $5.5B and backed by top investors including Goldman Sachs Menlo Ventures IVP Google Ventures J.P. Morgan Capital One Ventures Citi Ventures ServiceNow Splunk Ventures and more. Harness is building the industrys leading AI-powered software delivery platform enabling teams worldwide to build test and deliver software faster safer and more reliably. Writing code is only 3040% of the engineering lifecycle the rest involves testing deployments security compliance and optimization. Harness brings AI and automation to this outer loop turning complex time-consuming workflows into streamlined processes at massive global scale.

The platform includes industry leading products inCI/CD Feature Flags Cloud Cost Management Service Reliability Chaos Engineering Software Engineering Insights Internal Developer Experience and API discovery observability governance and runtime protection. Over the past year Harness powered 128M deployments 81M builds 1.2T API calls protected and $1.9B in cloud spend optimized helping customers like United Airlines and Choice Hotels accelerate releases by up to 75% and achieve 10x DevOps efficiency. With employees in over 25 countries Harness is shaping the future of AI-driven software delivery and were looking for exceptional talent to help us move even faster.

About the Role
We are hiring a Staff Product Manager in India to drive key parts of our Application Security
(AppSec) platform with a strong focus on DevSecOps-integrated security Application
Security Testing (AST) Application Security Posture Management (ASPM) and AI-
powered / agentic AppSec workflows. This is a senior individual contributor role with ownership of platform-level capabilities used
by global enterprise customers. You will work closely with engineering teams in India and
product security and GTM leaders globally to define how security findings are discovered
prioritized and remediatedboth by humans and AI agentsacross the SDLC.

Key Responsibilities

Own the strategy and roadmap for AppSec capabilities including:
AST (SAST SCA DAST secrets detection)
ASPM and vulnerability correlation
CI/CD-native DevSecOps integrations
AI-powered and agentic AppSec workflows (e.g. automated triage
reasoning and remediation)
Define end-to-end AppSec workflows across the SDLC from code and dependency
discovery to risk prioritization and remediation.
Partner closely with engineering teams in India to deliver scalable secure and high-
quality platform capabilities.
Design and evolve AI-assisted AppSec experiences including:
Context-aware vulnerability prioritization
AI-generated remediation guidance or PRs.
Guardrails and governance for AI-driven changes
Collaborate withglobal stakeholders across product sales customer success and security to align roadmap with customer and market needs.
Engage directly withenterprise customers to understand AppSec workflows regulatory requirements and adoption challenges.
Drive competitive analysis across AppSec ASPM and AI-native security vendors to inform differentiation.
Define and trackproduct success metrics including coverage signal quality MTTR developer experience and AI effectiveness.

Required Qualifications

610 years of product management experience with ownership of enterprise security
DevSecOps or developer-focused platforms.
Strong understanding of Application Security and DevSecOps including:
AST tools (SAST SCA DAST secrets scanning)
CI/CD pipelines and developer workflows
ASPM or vulnerability management concepts
Familiarity with AI-powered developer or security tools including LLM-based workflows automation or agentic systems.
Proven ability to translate complex security and technical requirements into clear
prioritized product plans.
Strong communication and stakeholder management skills with experience working across distributed global teams.

Preferred Qualifications

Experience building or scaling AppSec or DevSecOps platforms used by large engineering organizations.
Familiarity with SBOMs dependency graphs vulnerability intelligence and risk prioritization techniques.
Exposure toAI governance policy-as-code or automated remediation systems.
Background in software engineering security engineering or DevOps (strong plus).
Experience with cloud-native and containerized environments.

Why Join Us
Own critical parts of a global AppSec platform from India.
Work on cutting-edge AI-driven AppSec and DevSecOps workflows.
Collaborate with senior product and engineering leaders across geographies.
Build products that meaningfully improve how enterprises secure software at scale.

Harness in the news:

Accelerating Our Mission to Bring AI to Everything After Code
Goldman Sachs leads investment in software delivery startup Harness at $5.5 billion valuation
How Harness runs 16 startups within a startup at scale Jyoti Bansal
Harness Research Shows AI Visibility Crisis Fueling Security Nightmare
Harness has been named to the Inc. Power Partner list for software delivery success

All qualified applicants will receive consideration for employment without regard to race color religion sex or national origin.

Note on Fraudulent Recruiting/Offers

We have become aware that there may be fraudulent recruiting attempts being made by people posing as representatives of Harness. These scams may involve fake job postings unsolicited emails or messages claiming to be from our recruiters or hiring managers.

Please note we do not ask for sensitive or financial information via chat text or social media and any email communications will come from the domain @. Additionally Harness will never ask for any payment fee to be paid or purchases to be made by a job applicant. All applicants are encouraged to apply directly to our open jobs via our website. Interviews are generally conducted via Zoom video conference unless the candidate requests other accommodations.

If you believe that you have been the target of an interview/offer scam by someone posing as a representative of Harness please do not provide any personal or financial information and contact us immediately at. You can also find additional information about this type of scam and report any fraudulent employment offers via the Federal Trade Commissions website ( or you can contact your local law enforcement agency.

Required Experience:

Staff IC

Key Responsibilities

Own the strategy and roadmap for AppSec capabilities including:
AST (SAST SCA DAST secrets detection)
ASPM and vulnerability correlation
CI/CD-native DevSecOps integrations
AI-powered and agentic AppSec workflows (e.g. automated triage
reasoning and remediation)
Define end-to-end AppSec workflows across the SDLC from code and dependency
discovery to risk prioritization and remediation.
Partner closely with engineering teams in India to deliver scalable secure and high-
quality platform capabilities.
Design and evolve AI-assisted AppSec experiences including:
Context-aware vulnerability prioritization
AI-generated remediation guidance or PRs.
Guardrails and governance for AI-driven changes
Collaborate withglobal stakeholders across product sales customer success and security to align roadmap with customer and market needs.
Engage directly withenterprise customers to understand AppSec workflows regulatory requirements and adoption challenges.
Drive competitive analysis across AppSec ASPM and AI-native security vendors to inform differentiation.
Define and trackproduct success metrics including coverage signal quality MTTR developer experience and AI effectiveness.

Required Qualifications

610 years of product management experience with ownership of enterprise security
DevSecOps or developer-focused platforms.
Strong understanding of Application Security and DevSecOps including:
AST tools (SAST SCA DAST secrets scanning)
CI/CD pipelines and developer workflows
ASPM or vulnerability management concepts
Familiarity with AI-powered developer or security tools including LLM-based workflows automation or agentic systems.
Proven ability to translate complex security and technical requirements into clear
prioritized product plans.
Strong communication and stakeholder management skills with experience working across distributed global teams.

Preferred Qualifications

Experience building or scaling AppSec or DevSecOps platforms used by large engineering organizations.
Familiarity with SBOMs dependency graphs vulnerability intelligence and risk prioritization techniques.
Exposure toAI governance policy-as-code or automated remediation systems.
Background in software engineering security engineering or DevOps (strong plus).
Experience with cloud-native and containerized environments.