Detection & Response Security Engineer

Harvey is a secure AI platform for professionals in law, tax, and finance that augments productivity and automates complex workflows.

Harvey uses algorithms with reasoning-adept LLMs that have been customized by our expert team of lawyers, engineers, and research scientists.

We’ve found product market fit and are scaling our team very quickly. Some reasons to join Harvey are :

Do you have the right skills and experience for this role Read on to find out, and make your application.

• Exceptional product market fit : We have partnered with the largest law firms and professional service providers in the world like A&O, PwC, and many others.
• Strategic investors : Raised over $100 million from strategic investors including Sequoia, Kleiner Perkins, and the OpenAI Startup Fund.
• World-class team : Harvey is hiring the best technical and non-technical talent from DeepMind, Google Brain, Stripe, FAIR, Tesla Autopilot, Superhuman, Glean, and more.
• Partnerships : Our engineers and researchers work directly with OpenAI to build the future of generative AI and redefine professional services.
• Value : Top of market cash and equity compensation.

Role

Some of the world’s largest companies and their law firms use Harvey to make sense of their legal documents and automate legal work.

Our customers depend on us to deliver a secure, trustworthy, and compliant platform. Earning the trust of our customers is a business enabler and we value it more than anything else.

You will report to our Head of Security and take ownership of the Detection and Response function. As an early member of our Security team, you will lay the foundation of our Detection and Response program.

Your initial focus will be on implementing the right infrastructure and tools to enable successful security incident detection and response.

Harvey is a hyper-growth startup. From the beginning, we have invested into tight security controls to reduce noise and automation wherever possible to handle the business velocity.

We operate with a small but highly effective team.

Our security program at Harvey is driven by our collective offensive security experience : Breaking into systems at other companies (in white-hat capacities), responding to real security incidents, and learning from other companies’ data breaches.

We conduct regular pentests and red team exercises with external security firms.

Responsibilities

• Implement a SIEM that will allow effective D&R (we have centralized log management and basic alerting in place, but no fully featured SIEM)
• Lead incident response, as needed
• Onboard all relevant data sources (Azure, Kubernetes, Google Workspace, Endpoint, Application, etc)
• Assess logs for gaps and implement additional logging as needed
• Develop detection rules and a process for keeping them effective
• Participate in table-top and red team exercises to evaluate efficacy

Qualifications

• Demonstrated success building or improving a detection and response function and measuring its effectiveness
• Hands-on log data analysis skills
• Experience writing high-quality alerting rules and response playbooks
• Software development experience
• Strong understanding of operating system, network, and security fundamentals
• No experience with generative AI or legal is required

Experience :

• 4+ years of experience in Security, Operations / SRE, Software Engineering, or related disciplines, 2+ years of which focused on incident detection and response
• Level : Senior

Bonus :

• Experience working at a small company or a hyper-growth startup
• Knowledge of and experience with :
• MacOS internals and security best practices
• Kubernetes
• Microsoft Azure

Compensation

The expected range of compensation for this role is between $160,000 and $280,000. Additionally, this role is eligible to participate in our equity plan.

The successful candidate’s starting salary will be determined based on non-discriminatory factors such as skills, experience, and geographic location.

J-18808-Ljbffr