Detection & Response Security Engineer

Harvey AI

Role Overview

Some of the world's largest companies and their law firms use Harvey’s AI capabilities to deliver world-class client services at unprecedented scale and efficiency. Harvey allows high-performing professionals to gain deep domain knowledge faster, understand the big picture, and tackle more complex challenges in less time.

Our customers depend on us to deliver a secure, trustworthy, and compliant platform. Earning the trust of our customers is a business enabler, and we value it more than anything else.

We are looking for a red-teamer to join our blue team to help us develop custom detections and fine-tune our alerting and response automations to defend against real, business-specific threats. Your offensive security expertise will be key in prioritizing the right defenses. You will have the opportunity to build your software engineering and system design skills while working on our modern, large-scale threat detection platform built on ClickHouse.

As an early member of our security detection and response team, you will play a key role in shaping the foundation of our detection and response program. We are a small but effective team and have a high bar for our work.

Our security program at Harvey is driven by our collective offensive security experience: breaking into systems at other companies (in white-hat capacities), responding to real security incidents, and learning from other companies’ data breaches. We conduct regular pentests and red team exercises with external security firms. At the same time, we are all software engineers who contribute code daily and take an engineering-first approach to security topics.


What You’ll Do

  • Build strong relationships with key employees across the organization.
  • Use your offensive security expertise to develop plausible threat scenarios and identify opportunities for detection.
  • Assess logs for gaps and implement additional logging as needed.
  • Build out our threat detection platform to handle increasing volumes of data (currently we handle ~1TB of log volume per day, expected to grow ~10x over the next year).
  • Lead incident response, as needed.
  • Develop detection rules and a process for keeping them effective in collaboration with other detection and response engineers.
  • Participate in table-top and red team exercises to evaluate efficacy.

What You Have

  • Demonstrated ability to find weaknesses (e.g., privilege escalation) in real-world corporate networks, cloud environments, or applications.
  • Hands-on experience responding to security incidents.
  • Strong understanding of computer networks, operating systems, and cryptographic protocols.
  • No experience with generative AI or legal is required.
  • 3+ years of experience in software engineering.
  • 4+ years of experience in security, software engineering, site reliability engineering, or related disciplines.

Bonus

  • Experience working at a small company, smaller independent division of a larger company, or a hyper-growth startup.
  • Experience with ClickHouse or similar data warehouses.
  • Red team experience.
  • Experience in an incident commander role, managing security incidents or other disasters.

Compensation Range

$220,000 - $280,000 USD

Please find our CA applicant privacy notice here.


Location

    San Francisco, US

Job type

  • Full-time

Role

Engineering

Keywords

  • Security
  • Engineering