Role OverviewSome of the world's largest companies and their law firms use Harvey's AI capabilities to deliver world-class client services at unprecedented scale and efficiency. Harvey allows high-performing professionals to gain deep domain knowledge faster, understand the big picture, and tackle more complex challenges in less time.
Our customers depend on us to deliver a secure, trustworthy, and compliant platform. Earning the trust of our customers is a business enabler and we value it more than anything else.
In this role, you'll report to the Senior Compliance Manager and serve as a core executor on Harvey's certification and audit portfolio. You will be responsible for the hands-on compliance work that keeps our compliance programs healthy, maintaining control documentation, coordinating evidence collection, supporting third-party assessments, and working closely with Engineering and Security teams to ensure controls are implemented, tested, and continuously monitored. This is a role for a detail-oriented practitioner who takes pride in getting the compliance fundamentals exactly right.
Note: U.S. citizenship required - this role supports work the U.S. government specifies can only be performed by a U.S. citizen on U.S. soil.
What You'll Do- Own and maintain core compliance documentation - including compliance packages and security assessment reports - keeping them accurate and audit-ready
- Coordinate evidence collection across Engineering, Infrastructure, and Security for regulated assessments
- Support third-party assessor engagements end-to-end: scheduling, preparing teams, triaging findings, and drafting responses
- Conduct gap analyses against applicable frameworks and produce remediation tracking artifacts teams can act on directly
- Manage continuous monitoring activities including control reviews, change notifications, and incident documentation to maintain compliance status
- Partner with Engineering and Security to validate control implementations and translate regulatory language into testable technical configurations
What You Have- 3-5+ years in information security compliance with hands-on exposure to government and industry frameworks in a SaaS or cloud environment
- Solid working knowledge of applicable government compliance frameworks; ability to map controls to technical implementations and evaluate evidence quality
- Experience maintaining compliance documentation and tracking remediation activities; familiarity with compliance automation tooling
- Exceptional attention to detail - able to manage multiple concurrent workstreams and keep documentation aligned with a dynamic cloud environment
- Clear communicator: able to write crisp control implementation statements and explain compliance requirements to engineering audiences
Compensation$99,200 - $148,800
Depending on your location, an Applicant Privacy Notice may apply to you. You can find all of our Applicant Privacy Notices [here].#LI-KV1
