Join Harvey: Secure the Future of AI-Powered Legal Innovation
At Harvey, we're not just building software; we're revolutionizing how legal and professional services operate using cutting-edge agentic AI. We're at a pivotal moment, scaling rapidly with 500+ customers in 50+ countries and backed by world-class investors. This is your chance to shape the future of an entire industry.
We're looking for a passionate and experienced Infrastructure Security Engineer to join our elite team. If you thrive in a fast-paced, challenging environment where security is paramount, and you're driven by the desire to protect sensitive data at scale, we want to hear from you.
Role Overview: Defend the Leading Edge
Harvey's AI capabilities empower the world's largest companies and law firms to deliver unparalleled client service. Security is not an afterthought; it's the bedrock of our trust. As an Infrastructure Security Engineer, you'll be a critical part of ensuring the confidentiality, integrity, and availability of our platform.
You will design and implement secure-by-default infrastructure, enabling our product teams to innovate rapidly without compromising security. This includes architecting and implementing processes and technologies for:
Least privilege access control
Robust component isolation
Proactive attack surface management
Multi-tenant SaaS tenant isolation
Our security philosophy is rooted in practical experience: we apply lessons learned from offensive security engagements, incident response, and industry data breaches. We blend this experience with an engineering-first approach, contributing code daily and integrating security seamlessly into our development lifecycle.
What You'll Do: Build, Break, and Secure
Architect Securely: Integrate secure design principles into our evolving cloud architecture.
Isolate and Protect: Develop robust isolation mechanisms (e.g., sandboxing) in collaboration with our product engineering team.
Guard the Gates: Review security-critical configuration changes and serve as a Codeowner for security-critical parts of our Infrastructure-as-Code (IaC) deployments.
Hunt for Vulnerabilities: Proactively audit our existing cloud environment to identify and remediate vulnerabilities.
Define Security Standards: Develop and enforce policies and procedures for the secure creation and operation of our cloud environments.
What You Have: Your Arsenal of Skills
Experience: 5+ years in Security Engineering, Software Engineering, or Site Reliability Engineering roles.
Engineering Prowess: Proven ability to write high-quality software, build production-grade infrastructure, and raise the bar for engineering teams.
Foundational Knowledge: Strong understanding of networking, operating systems, and cryptographic protocols.
Kubernetes Expertise: In-depth knowledge of Kubernetes, common misconfigurations, and privilege escalation vectors.
Offensive Security Mindset: Demonstrated ability to identify weaknesses (e.g., privilege escalation) in real-world cloud environments.
Cloud Proficiency: Experience applying security best practices in cloud environments (AWS, Azure, or Google Cloud).
Bonus Points: Level Up Your Impact
IaC Mastery: Familiarity with large-scale Infrastructure as Code (IaC) deployments.
Kubernetes Policy Enforcement: Familiarity with Kubernetes Admission Controllers and policy enforcement.
Multi-Cloud Experience: Exposure to multi-cloud environments.
Compensation
$201,000 - $260,000 USD
Please find our CA applicant privacy notice here.
#LI-KV1
Harvey is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.
We are committed to providing reasonable accommodations to applicants with disabilities. If you require an accommodation, please contact [email protected].