Role OverviewSome of the world's largest companies and their law firms use Harvey's AI capabilities to deliver world-class client services at unprecedented scale and efficiency. Harvey allows high-performing professionals to gain deep domain knowledge faster, understand the big picture, and tackle more complex challenges in less time.
Our customers depend on us to deliver a secure, trustworthy, and compliant platform. Earning the trust of our customers is a business enabler and we value it more than anything else.
In this role, you'll report to the Head of Trust and work at the intersection of AI security, compliance, and product trust - a rare combination at a company defining what responsible AI in legal looks like. You'll collaborate extensively across Engineering, Product Security, Product, Legal, and Sales to build, operate, and continuously improve the programs that make Harvey's platform trustworthy at enterprise scale.
What You'll Do- Manage the end-to-end security and compliance review process for new features, including intake / planning, resource engagement, performing risk analysis, documenting trade-off decisions, and ensuring critical requirements for information security and AI risks (model behavior, safety, regulatory exposure) are addressed.
- Act as a representative for the Security team to cross-functional teams and leadership, synthesizing risk reviews and threat models into formal security risk narratives, and reports before major launches.
- Collaborate with Product Security and Infrastructure Security teams to integrate new Product Trust requirements and drive improvements into engineering, release, and change management processes.
- Develop customer-facing security and privacy enablement content (e.g., materials, FAQs, positioning), attend customer security review calls, and manage technical security escalations from major customers.
- Lead audit and certification readiness projects for key features and teams.
- Support and address other priority Trust, Risk, and Compliance initiatives as they are prioritized.
What You Have- 7+ years in Information Security, with significant program management experience in product or engineering contexts - ideally including roles where you defined and built programs, not just maintained them.
- A strong foundation across a broad range of AI Governance, Risk, and Safety (AI GRS) implications, security, and compliance topics.
- 1-2+ years experience leveraging AI models to drive program efficiencies (e.g., automating risk assessment or compliance gap analysis).
- Proven ability to communicate complex technical and regulatory topics and write strong technical compliance requirements for diverse audiences (engineers, lawyers, customers, and GTM).
- Excellent organizational skills, including the ability to manage external contractors and vendors.
- A customer-centric mindset with a drive for process simplification.
- A builder's mindset and comfort with ambiguity - Harvey ships fast, the AI regulatory landscape is still being written, and this role requires both strong judgment and the ability to create structure where none yet exists.
Compensation$185,400 - $278,000 USD
Depending on your location, an Applicant Privacy Notice may apply to you. You can find all of our Applicant Privacy Notices [here].#LI-KV1
