Detection & Response Security Engineer

Harvey is a secure AI platform for professionals in law, tax, and finance that augments productivity and automates complex workflows. Harvey uses algorithms with reasoning-adept LLMs that have been customized by our expert team of lawyers, engineers, and research scientists. We’ve found product market fit and are scaling our team very quickly. Some reasons to join Harvey are:Exceptional product market fit: We have partnered with the largest law firms and professional service providers in the world like A&O, PwC, and many others.Strategic investors: Raised over $100 million from strategic investors including Sequoia, Kleiner Perkins, and the OpenAI Startup Fund.World-class team: Harvey is hiring the best technical and non-technical talent from DeepMind, Google Brain, Stripe, FAIR, Tesla Autopilot, Superhuman, Glean, and more.Partnerships: Our engineers and researchers work directly with OpenAI to build the future of generative AI and redefine professional services.Value: Top of market cash and equity compensation.RoleSome of the world’s largest companies and their law firms use Harvey to make sense of their legal documents and automate legal work. Our customers depend on us to deliver a secure, trustworthy, and compliant platform. Earning the trust of our customers is a business enabler and we value it more than anything else.You will report to our Head of Security and take ownership of the Detection and Response function. As an early member of our Security team, you will lay the foundation of our Detection and Response program. Your initial focus will be on implementing the right infrastructure and tools to enable successful security incident detection and response.Harvey is a hyper-growth startup. From the beginning, we have invested into tight security controls to reduce noise and automation wherever possible to handle the business velocity. We operate with a small but highly effective team.Our security program at Harvey is driven by our collective offensive security experience: Breaking into systems at other companies (in white-hat capacities), responding to real security incidents, and learning from other companies’ data breaches. We conduct regular pentests and red team exercises with external security firms.ResponsibilitiesImplement a SIEM that will allow effective D&R (we have centralized log management and basic alerting in place, but no fully featured SIEM)Lead incident response, as neededOnboard all relevant data sources (Azure, Kubernetes, Google Workspace, Endpoint, Application, etc)Assess logs for gaps and implement additional logging as neededDevelop detection rules and a process for keeping them effectiveParticipate in table-top and red team exercises to evaluate efficacyQualificationsDemonstrated success building or improving a detection and response function and measuring its effectivenessHands-on log data analysis skillsExperience writing high-quality alerting rules and response playbooksSoftware development experienceStrong understanding of operating system, network, and security fundamentalsNo experience with generative AI or legal is requiredExperience:4+ years of experience in Security, Operations/SRE, Software Engineering, or related disciplines, 2+ years of which focused on incident detection and responseLevel: SeniorBonus:Experience working at a small company or a hyper-growth startupKnowledge of and experience with:MacOS internals and security best practicesKubernetesMicrosoft AzureCompensationThe expected range of compensation for this role is between $160,000 and $280,000. Additionally, this role is eligible to participate in our equity plan. The successful candidate’s starting salary will be determined based on non-discriminatory factors such as skills, experience, and geographic location.

#J-18808-Ljbffr