Role OverviewAs a Senior Software Engineer on the Product Security team at Harvey, you'll be a key technical contributor shaping how security is built into our AI platform. We store and process our customers' most sensitive data, and as a result, security is paramount at every stage of our product lifecycle. You'll own the security of critical product areas, conduct deep vulnerability research and code review, and partner closely with engineering teams to raise the security bar in the areas you work in (both for humans and agents). You'll implement both technical controls and security features within the Harvey platform.
Our security program is driven by our collective offensive security experience: breaking into systems at other companies (in white-hat capacities), responding to real security incidents, and learning from other companies' data breaches. We regularly conduct penetration tests and red team exercises with external security firms. At the same time, we are all software engineers - contributing code daily and approaching security with an engineering-first mindset.
What You'll Do- Help define and implement security standards across the teams you partner with
- Incorporate secure design principles at every stage of development
- Own and review security-critical code across key parts of the product, including authentication and access control
- Build secure-by-default libraries and tooling that make secure path easier for the engineers
- Drive mitigation during security-related incidents, working cross-functionally as needed with Detection & Response as well as other teams
- Mentor engineers and raise the security bar across teams through code reviews, design reviews, and technical guidance
What You Have - 5+ years of experience in product security, application security, offensive security, and/or security-focused software engineering
- Long track record of identifying and remediating software vulnerabilities, demonstrated through CVEs, bug bounty awards, published research, or prior work experience
- Ability to collaborate on cross-functional security initiatives and influence engineering teams on security best practices
- Experience educating engineers to improve security practices across a team
- Strong programming skills with demonstrated experience writing high-quality, production software
- Strong communication and collaboration skills across technical and non-technical audiences
- Track record of executing on complex security projects and delivering measurable security improvements
Nice to Have- Experience building security programs or practices at hyper-growth startups
- Background with cloud environments (Azure, GCP, AWS) and cloud-native security patterns
- Experience with AI/ML systems and emerging security considerations for LLM-based applications
Compensation Range$188,000-282,000 USD
Depending on your location, an Applicant Privacy Notice may apply to you. You can find all of our Applicant Privacy Notices [here].#LI-KV1
