Harman
Principal Engineer, SW(Product Security)
Location: China
Found on Mokaru: 2 days ago
Job description
HARMAN’s engineers and designers are creative, purposeful and agile. As part of this team, you’ll combine your technical expertise with innovative ideas to help drive cutting-edge solutions in the car, enterprise and connected ecosystem. Every day, you will push the boundaries of creative design, and HARMAN is committed to providing you with the opportunities, innovative technologies and resources to build a successful career.
A Career at HARMAN
As a technology leader that is rapidly on the move, HARMAN is filled with people who are focused on making life better. Innovation, inclusivity and teamwork are a part of our DNA. When you add that to the challenges we take on and solve together, you’ll discover that at HARMAN you can grow, make a difference and be proud of the work you do every day.
A Career at HARMAN Lifestyle
We’re a global, multi-disciplinary team that’s putting the innovative power of technology to work and transforming tomorrow. As a member of HARMAN Lifestyle, you connect consumers with the power of superior sound.
- Contribute your talents to high-end, esteemed brands like JBL, Mark Levinson and Revel
- Unite your passion for audio innovation with high-tech product development
- Create pitch-perfect, cutting-edge technology that elevates the listening experience
What You Will Do
- Work with engineering teams to ensure reported vulnerabilities are handled consistently, transparently, and within agreed timelines.
- Define and drive DevSecOps practices across the software development lifecycle.
- Establish practical security standards, checklists, and workflows that help engineering teams build secure products.
- Support vulnerability remediation by helping teams understand root cause, assess exploitability, prioritize fixes, and validate mitigations.
- Contribute to software supply chain security practices, including dependency governance, SBOM usage, artifact integrity, secure build pipelines, and signing processes.
- Help build security awareness across engineering teams through guidance, documentation, training, and security champions programs.
What You Need to Be Successful
- 5+ years of experience in information security, product security, or related cybersecurity roles.
- Strong understanding of secure software development practices and how to apply them in real engineering organizations.
- Experience operating or contributing to vulnerability management, incident response, or PSIRT processes.
- Practical knowledge of DevSecOps tooling and workflows, such as SAST, DAST, SCA, container scanning, secrets scanning, CI/CD security gates, and policy-as-code.
- Security knowledge across at least two of the following domains: embedded software, mobile applications, cloud services.
- Understanding of common security frameworks, standards, and vulnerability taxonomies such as OWASP, CWE, CVSS, MITRE, or NIST guidance.
- Knowledge of software supply chain security concepts, including dependency risk, SBOM, artifact signing, secure builds, and third-party component governance.
- Strong communication and process-building skills, with the ability to work across engineering, architecture, program management, legal, and customer-facing teams.
- Hands-on technical skills in scripting, automation, or software development using languages such as Python, C++, Go, or similar.
Bonus Points if You Have
- Experience with embedded Linux, RTOS, Bluetooth, Wi-Fi, OTA update systems, device identity, secure boot, or hardware-backed security.
- Experience with mobile application security for iOS or Android.
- Experience with penetration testing, exploit analysis, reverse engineering, or security research.
- Familiarity with data platforms, analytics systems, or large-scale cloud data processing.
- Relevant security certifications such as CISSP, CISM, CISA, CSSLP, GIAC, OSCP, or similar.
What Makes You Eligible
- Willingness to travel.
- Willingness to work in an office.
- Any offer of employment is conditioned upon the successful completion of a background investigation and drug screen.
What We Offer
- Flexible work environment, allowing for full-time remote work one day per week for positions that can be performed outside a HARMAN or customer location.
- Access to employee discounts on world-class Harman products (JBL, HARMAN Kardon, AKG, etc.).
- Extensive training opportunities through our own HARMAN University.
- Competitive wellness benefits.
- Access to HARMAN Campus Fitness Center and Cafeteria.
- “Be Brilliant” employee recognition and rewards program.
- An inclusive and diverse work environment that fosters and encourages professional and personal development.
HARMAN is proud to be an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.


