Software Engineer, Product Security

Why HarveyHarvey is a secure AI platform for legal and professional services that augments productivity and automates complex workflows. Harvey uses algorithms with reasoning-adept LLMs that have been customized and developed by our expert team of lawyers, engineers and research scientists. We’ve found product market fit and are scaling our team very quickly. Some reasons to join Harvey are:Exceptional product market fit: We have partnered with the largest law firms and professional service providers in the world, includingPaul Weiss, A&O Shearman,Ashurst, O'Melveny & Myers,PwC, KKR, and many others.Strategic investors: Raised over$500 millionfrom strategic investors including Sequoia, Google Ventures, Kleiner Perkins, and OpenAI.World-class team: Harvey is hiring the besttalentfrom DeepMind, Google Brain, Stripe, FAIR, Tesla Autopilot, Glean, Superhuman, Figma, and more.Partnerships: Our engineers and researchers work directly with OpenAI to build the future of generative AI and redefine professional services.Performance: 4x ARR in 2024.Competitive compensation.Role OverviewSome of the world's largest companies and their law firms use Harvey’s AI capabilities to deliver world-class client services at unprecedented scale and efficiency. Harvey allows high-performing professionals to gain deep domain knowledge faster, understand the big picture, and tackle more complex challenges in less time.Our customers depend on us to deliver a secure, trustworthy, and compliant platform. Earning the trust of our customers is a business enabler and we value it more than anything else.As part of the Product Security team, you’ll help ensure Harvey is built in the most secure way possible. You’ll take ownership of securing a specific part of the product and build strong relationships with the developers working in that area. With these insights, you’ll advocate for and implement high-leverage security controls across the organization.Our security program at Harvey is driven by our collective offensive security experience: Breaking into systems at other companies (in white-hat capacities), responding to real security incidents, and learning from other companies’ data breaches. We regularly conduct penetration tests and red team exercises with external security firms. At the same time, we are all software engineers - contributing code daily and approaching security with an engineering-first mindset.What You’ll DoPartner closely with engineering teams to incorporate secure design principles at every stage of developmentReview security-critical code and own key parts of the product, including authentication and access controlContribute meaningfully to the Harvey code base. Some prior projects include:Refactoring our authentication stack to improve streamline executionRemoving password use from the applicationDesigning secure APIs for critical data accessBuild secure-by-default libraries and tools that make the secure path the easiest and most attractive choice for developers and their AI agentsAudit the existing codebase for vulnerabilitiesImprove our static analysis and vulnerability management toolingDiscover vulnerabilities through red team exercisesParticipate in and drive mitigation strategies during security related incident responsesWhat You Have4+ years of experience in product security, application security, offensive security, and/or security-focused software engineeringDemonstrated experience writing high-quality software and raising the quality bar of software engineering teamsProven ability to identify software vulnerabilities, demonstrated through CVEs, bug bounty awards, blog posts, or prior work experienceStrong communication and collaboration skills, particularly with engineering teamsBonusOpen source contributionsExperience managing cloud environments (e.g. Azure, GCP, AWS)Experience working at or with a small company or a hyper-growth startupPlease find our CA applicant privacy noticehere.Harvey is an equal opportunity employer and does not discriminate on the basis of race, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition, or any other basis protected by law.We are committed to providing reasonable accommodations to applicants with disabilities, and requests can be made by emailinginterview-help@harvey.ai.Compensation Range: $215K - $250K

Location: San Francisco

Salary range [USD annually]: None - None