Jobs · Information Technology · New York

Staff Product Security Engineer

Harvey · New York, United States · 1 wk ago
HybridInformation Technology$220k–$330k/yrFull-time

Role Overview

The Staff Software Engineer on the Product Security team at Harvey will play a critical role in shaping how security is built into our AI platform from the ground up. Security is paramount at every stage of our product lifecycle due to the sensitive data we store and process.

What You'll Do

  • Define and own the product security roadmap, prioritizing initiatives based on risk, business impact, and engineering org maturity.
  • Establish and evolve security posture across the engineering organization, setting standards that scale with the company.
  • Partner with Product Engineering, Infrastructure, and Platform teams to incorporate secure design principles at every stage of development.
  • Own and review security-critical code across key parts of the product, including authentication and access control.
  • Architect secure-by-default libraries and tools that make the secure path the easiest choice for developers.
  • Drive mitigation strategies during security-related incident responses, coordinating cross-functional efforts.
  • Mentor engineers and raise the security bar across teams through code reviews, design reviews, and technical guidance.

Requirements

  • 8+ years of experience in product security, application security, offensive security, and/or security-focused software engineering.
  • Track record of identifying and remediating software vulnerabilities, demonstrated through CVEs, bug bounty awards, published research, or prior work experience.
  • Experience leading complex cross-functional security initiatives and delivering measurable improvements, with demonstrated ability to influence engineering teams without direct authority.
  • Strong programming skills with demonstrated experience writing high-quality, production software.
  • Excellent communication and collaboration skills, particularly when translating security risks into business terms for non-security stakeholders.

Nice to Have

  • Experience building security programs or practices at hyper-growth startups.
  • Background with cloud environments (Azure, GCP, AWS) and cloud-native security patterns.
  • Experience with AI/ML systems and emerging security considerations for LLM-based applications.

Pay

$220,000 - $330,000 Depending on your location, an Applicant Privacy Notice may apply to you.

Benefits

Harvey offers a competitive benefits package, including health insurance, retirement plans, and paid time off.

Schedule

Full-time position available.

Qualifications

We are an equal opportunity employer and do not discriminate on the basis of race, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition, or any other basis protected by law.

Similar jobs