Why Harvey

At Harvey were transforming how legal and professional services operate. By combining frontier agentic AI an enterprise-grade platform and deep domain expertise were reshaping how critical knowledge work gets done for decades to come.

This is a rare chance to help build a generational company at a true inflection point. With 1500 customers in 60 countries strong product-market fit and world-class investor support were scaling fast and defining a new category in real time. The work is ambitious the bar is high and the opportunity for growth personal professional and financial is unmatched.

Our team moves fast takes ownership and is deeply committed to the mission operating with intensity staying close to our customers and pushing each other for excellence. We live by three values: Decisiveness Simplicity and Jobs Not Finished. We act quickly on clear judgment over perfect information we believe simplicity is what scales and were never satisfied with where we are. If you want to do the best work of your career alongside people who share that drive wed love to build with you.

At Harvey the future of professional services is being written today and were just getting started.

Role Overview

Some of the worlds largest companies and their law firms use Harveys AI capabilities to deliver world-class client services at unprecedented scale and efficiency. Harvey allows high-performing professionals to gain deep domain knowledge faster understand the big picture and tackle more complex challenges in less time.

Security is at the heart of what we do. Our customers trust us with their most sensitive data and we take that responsibility seriously. As part of our team youll help us maintain a secure trustworthy and compliant platforman essential foundation for everything we build.

As a Staff Infrastructure Security Engineer youll set the technical direction for secure-by-default infrastructure security across Harveys platform establishing the patterns and standards the broader engineering organization builds includes designing and implementing processes and technologies for least privilege isolating different components managing attack surface and implementing layers of tenant isolation on our multi-tenant SaaS offering. Youll also create frameworks and repeatable patterns that enable our research and engineering teams to move quickly and independentlywithout sacrificing security.

Our security program at Harvey is driven by our collective offensive security experience: breaking into systems at other companies (in white-hat capacities) responding to real security incidents and learning from other companies data breaches. We regularly conduct penetration tests and red team exercises. At the same time we are all software engineers - contributing code daily and approaching security with an engineering-first mindset.

What Youll Do

• Incorporate secure design principles into our cloud architecture.

• Develop isolation mechanisms (e.g. sandboxing) in collaboration with our product engineering team

• Review security-critical configuration changes and act as Codeowner for security-critical parts of our cloud configurations (everything is IaC)

• Audit our existing cloud environment for vulnerabilities

• Develop policies and procedures for the secure creation and operation of our cloud environments

• Define Harveys infrastructure security architecture and multi-year roadmap translating security requirements into concrete engineering investments

• Establish reusable security patterns standards and guardrails that enable product and platform teams to build securely by default

• Mentor and develop other security engineers on the team raising the overall technical bar

What You Have

• 8 years experience in Security Engineering Software Engineering or Site Reliability Engineering roles

• Demonstrated experience writing high-quality software and building production-grade infrastructure and raising the quality bar of engineering teams

• Strong fundamentals in networking operating systems and cryptographic protocols

• In-depth knowledge of Kubernetes common misconfigurations and privilege escalation vectors

• Demonstrated ability to find weaknesses (e.g. privilege escalation) in real-world cloud environments

• Experience applying security best practices in cloud environments (AWS Azure or Google Cloud)

• Track record of driving cross-functional security initiatives and influencing engineering decisions across teams

• Experience setting security standards and best practices at an organizational scale

• (No experience with generative AI or legal required)

Bonus

• Familiarity with large-scale Infrastructure as Code (IaC) deployments

• Familiarity with Kubernetes Admission Controllers and policy enforcement

• Exposure to multi-cloud environments

Compensation Range

$220000 - $330000 USD

Depending on your location an Applicant Privacy Notice may apply to you. You can find all of our Applicant Privacy Notices here.

#LI-KV1

Harvey is an equal opportunity employer and does not discriminate on the basis of race gender sexual orientation gender identity/expression national origin disability age genetic information veteran status marital status pregnancy or related condition or any other basis protected by law.

We are committed to providing reasonable accommodations to applicants with disabilities and requests can be made by emailing

Required Experience:

Staff IC