Detection & Response Security Engineer
Role Overview
Some of the world's largest companies and their law firms use Harvey’s AI capabilities to deliver world-class client services at unprecedented scale and efficiency. Harvey allows high-performing professionals to gain deep domain knowledge faster, understand the big picture, and tackle more complex challenges in less time. Our customers depend on us to deliver a secure, trustworthy, and compliant platform. Earning the trust of our customers is a business enabler and we value it more than anything else.
What You'll Do
- Build strong relationships with key employees across the organization
- Use your offensive security expertise to develop plausible threat scenarios and identify opportunities for detection
- Assess logs for gaps and implement additional logging as needed
- Build out sophisticated data pipelines to handle increasing volumes of data and enrich our observability
- Lead incident response, as needed
- Develop detection rules and a process for keeping them effective in collaboration with our other D&R Engineers
- Participate in table-top and red-team exercises to evaluate efficacy
What You Have
- Demonstrated ability to find weaknesses (e.g. privilege escalation) in real-world corporate networks, cloud environments, or applications
- Hands-on experience responding to security incidents
- Strong understanding of computer networks, operating systems, and cryptographic protocols
- 4+ years of experience in Security, Software Engineering, Site Reliability Engineering, or related disciplines
Nice to Have
- Experience working at a small company, smaller independent division of larger company, or a hyper-growth startup
- Experience with ClickHouse or similar data warehouses
- Red team experience
- Experience in incident commander role, managing security incidents or other disasters
Pay
$188,000 - $282,000 Depending on your location, an Applicant Privacy Notice may apply to you.
About the role
We are a small but effective team and have a high bar for our work. Our security program at Harvey is driven by our collective offensive security experience: Breaking into systems at other companies (in white-hat capacities), responding to real security incidents, and learning from other companies' data breaches. We conduct regular pentests and red team exercises with external security firms.
Qualifications
We are an equal opportunity employer and does not discriminate on the basis of race, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition, or any other basis protected by law. We are committed to providing reasonable accommodations to applicants with disabilities, and requests can be made by emailing accommodations@harvey.ai.