Security Engineer, Trust

Harmonic Security lets teams adopt AI tools safely by protecting sensitive data in real time with minimal effort. Our goal is simple: enable engineering teams to move fast and ship securely. We do this by creating the tools, standards, and systems that make secure development seamless—from code to cloud. Whether it’s hardening pipelines, tuning detection tooling, or staying ahead of emerging AI risks, we build the connective tissue that keeps Harmonic’s products secure and trusted.
We bridge the gap between security and development, helping both move faster and with more confidence.
You’ll design and implement the tooling, workflows, and automation that ensure our controls, evidence, and risks are continuously measured and easy to manage.
This means keeping our security documentation and whitepapers current, and working with Sales, Legal, and GTM teams when customers need clarity on how we operate.
Internally, you’ll drive how we meet and maintain standards like SOC 2, ISO 27001, HIPAA, and GDPR—and prepare us for upcoming frameworks including ISO 42001, NIST AI RMF, and FedRAMP.
You’ll partner closely with Product Security, Security Engineering, TechOps, and the wider business to build a trust program that scales with the company.
Design and implement automation for compliance monitoring, evidence collection, and control validation using platforms like Tines and API‑based workflows.
Lead the technical implementation work required to prepare for ISO 42001, including mapping requirements, reviewing controls, and building supporting workflows to gather evidence.
Maintain Harmonic’s external trust assets, including our security whitepaper and customer‑facing documentation related to security, trust and privacy.
Partner with GTM, Customer Success, and Legal during security reviews, contract discussions, and support solutions architects on customer questionnaires to provide accurate and consistent information.
Run and improve our internal ISMS processes, including risk assessments, control reviews, remediation tracking, and management reviews.
Build an engineered approach to risk management by designing a system that captures risks, assesses them using measurable signals, and reports them with useful metrics.
Work with Product Security to ensure our trust posture aligns with how our products are built and shipped.
Support security awareness initiatives, helping teams understand how trust and compliance fit into day‑to‑day operations and drive revenue.
Continuously research frameworks and standards, translating requirements into practical and scalable implementations without relying on rote knowledge.
Redesign our evidence and control workflow by reviewing our current compliance platform and implementing an improved, automated evidence collection and renewal process that reduces manual work and improves accuracy.
Progress ISO 42001 and NIST AI RMF readiness, including completing our initial gap assessment, defining required controls, and delivering the first phase of implementation work that puts us on track for ISO 42001 certification by 2027.
Maintain an accurate and up‑to‑date external Trust Center, ensuring documentation, diagrams, and security whitepapers are refreshed, on‑brand, and aligned with our current posture.
Automate recurring trust tasks that support Sales and GTM, building workflows and resources that help Solutions Architects complete security questionnaires efficiently, and providing clarification or technical input when they need support—reducing overall turnaround time for customer evaluations.
Create and maintain an internal security knowledge base, giving all employees a single, reliable place to find answers about our security posture, compliance frameworks, and common customer questions.
Develop a practical and engaging internal security awareness programme, with a specific focus on responsible use of AI, and deliver it in a way that fits naturally into the company’s existing culture and workflows.
Hands‑on engineering experience, comfortable building automations, integrating APIs, and using platforms like Tines to replace repetitive compliance tasks.
Ability to design systems for evidence, controls, risk, and monitoring, not just execute one‑off audits.
Clear communication skills, able to explain technical topics to non‑technical stakeholders and represent Harmonic confidently in customer conversations.
Comfort working in a high‑velocity environment, switching between implementation work, cross‑functional support, and research.
Curiosity and adaptability, especially around emerging frameworks like ISO 42001, the NIST AI RMF, or new trust expectations in AI‑driven environments.
Prefer building automated systems over running manual checklists, and see compliance as an engineering problem, not paperwork.
Communicate clearly with both engineers and customer‑facing teams, especially during audits or security reviews.
Competitive pay and meaningful equity with a direct stake in Harmonic’s success.
Comprehensive benefits, pension plan, generous PTO, and flexible hybrid work.
Full‑time
IT Services and IT Consulting