Senior Detection & Response Security Engineer

Why Harvey

Harvey is a secure AI platform for professionals in law, tax, and finance that augments productivity and automates complex workflows. Harvey uses algorithms with reasoning-adept LLMs that have been customized by our expert team of lawyers, engineers and research scientists. We’ve found product market fit and are scaling our team very quickly. Some reasons to join Harvey are:

• Exceptional product market fit: We have partnered with the largest law firms and professional service providers in the world like A&O, PwC, and many others.
• Strategic investors: Raised over $100 million from strategic investors including Sequoia, Kleiner Perkins, and the OpenAI Startup Fund.
• World-class team: Harvey is hiring the best technical and non-technical talent from places like DeepMind, Google Brain, Stripe, FAIR, Tesla Autopilot, Superhuman, and Glean.
• Partnerships: Our engineers and researchers work directly with OpenAI to build the future of generative AI and redefine professional services.
• Performance: $0-20M ARR in the last 12 months.
• Value: Top of market cash and equity compensation.

Role

As an early member of our Security team, you will lay the foundation of our Detection and Response program. Your initial focus will be on implementing the right infrastructure and tools to enable successful security incident detection and response.

Our security program at Harvey is driven by our collective offensive security experience: Breaking into systems at other companies (in white-hat capacities), responding to real security incidents, and learning from other companies’ data breaches. We conduct regular pentests and red team exercises with external security firms.

This role is based in San Francisco, CA. We use an in-person work model and offer relocation assistance to new employees.

Responsibilities

• Implement a SIEM that will allow effective D&R (we have centralized log management and basic alerting in place, but no fully featured SIEM)
• Lead incident response, as needed
• Onboard all relevant data sources (Azure, Kubernetes, Google Workspace, Endpoint, Application, etc)
• Assess logs for gaps and implement additional logging as needed
• Develop detection rules and a process for keeping them effective
• Participate in table-top and redteam exercises to evaluate efficacy

Qualifications

•  4+ years of experience in Security, Operations/SRE, Software Engineering, or related disciplines, 2+ years of which focused on incident detection and response
• Demonstrated success building or improving a detection and response function and measuring its effectiveness
• Hands-on log data analysis skills
• Experience writing high-quality alerting rules and response playbooks
• Software development experience
• Strong understanding of operating system, network, and security fundamentals

Bonus

Experience with:

• MacOS internals and security best practices

• Kubernetes
• Microsoft Azure

Compensation

In consideration of market analysis and relevant factors, the salary range for this position is set between $160,000 and $280,000. However, adjustments outside of this range may be considered for candidates whose qualifications significantly differ from those outlined in the job description. Additionally, this role is eligible to participate in our equity plan and benefits program. Benefits include, but not limited to: Comprehensive health, dental and vision coverage, retirement benefits (401k match up to 4%), and flexible PTO.

Harvey is an equal opportunity employer and does not discriminate on the basis of race, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition, or any other basis protected by law.