Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Staff Product Security Engineer

Harvey

Why HarveyAt Harvey, we’re transforming how legal and professional services operate. By combining frontier agentic AI, an enterprise-grade platform, and deep domain expertise, we’re reshaping how critical knowledge work gets done for decades to come.This is a rare chance to help build a generational company at a true inflection point. With 1500+ customers in 60+ countries, strong product-market fit, and world-class investor support, we’re scaling fast and defining a new category in real time. The work is ambitious, the bar is high, and the opportunity for growth — personal, professional, and financial — is unmatched.Our team moves fast, takes ownership, and is deeply committed to the mission — operating with intensity, staying close to our customers, and pushing each other for excellence. We live by three values: Decisiveness, Simplicity, and Job's Not Finished. We act quickly on clear judgment over perfect information, we believe simplicity is what scales, and we're never satisfied with where we are. If you want to do the best work of your career alongside people who share that drive, we'd love to build with you.At Harvey, the future of professional services is being written today — and we’re just getting started.Role OverviewAs a Staff Software Engineer on the Product Security team at Harvey, you'll play a critical role in shaping how security is built into our AI platform from the ground up. We store and process our customers’ most sensitive data, and as a result, security is paramount at every stage of our product lifecycle. You'll take ownership of securing critical parts of the product while driving high-leverage security initiatives that raise the bar for the entire engineering org — balancing hands-on technical work with cross-functional leadership and mentorship. This is a rare opportunity to define and build a product security program at a company scaling fast.Our security program is driven by our collective offensive security experience: breaking into systems at other companies (in white-hat capacities), responding to real security incidents, and learning from other companies’ data breaches. We regularly conduct penetration tests and red team exercises with external security firms. At the same time, we are all software engineers - contributing code daily and approaching security with an engineering-first mindset.What You'll DoDefine and own the product security roadmap, prioritizing initiatives based on risk, business impact, and engineering org maturity.Establish and evolve security posture across the engineering organization, setting standards that scale with the companyPartner with Product Engineering, Infrastructure, and Platform teams to incorporate secure design principles at every stage of developmentOwn and review security-critical code across key parts of the product, including authentication and access controlArchitect secure-by-default libraries and tools that make the secure path the easiest choice for developersDrive mitigation strategies during security-related incident responses, coordinating cross-functional effortsMentor engineers and raise the security bar across teams through code reviews, design reviews, and technical guidanceWhat You Have8+ years of experience in product security, application security, offensive security, and/or security-focused software engineeringLong track record of identifying and remediating software vulnerabilities, demonstrated through CVEs, bug bounty awards, published research, or prior work experienceTrack record of leading complex cross-functional security initiatives and delivering measurable improvements, with demonstrated ability to influence engineering teams without direct authority.Experience mentoring senior engineers and developing security talent within an engineering organizationStrong programming skills with demonstrated experience writing high-quality, production softwareExcellent communication and collaboration skills, particularly when translating security risks into business terms for non-security stakeholdersNice to HaveExperience building security programs or practices at hyper-growth startupsBackground with cloud environments (Azure, GCP, AWS) and cloud-native security patternsExperience with AI/ML systems and emerging security considerations for LLM-based applicationsCompensation$220,000 - $330,000Depending on your location, an

Vacancy posted more than 2 months ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Staff Product Security Engineer. Be the first to apply!