Key skills
Security EngineeringCloud ArchitectureKubernetesInfrastructure as CodeNetworking FundamentalsOperating SystemsCryptographic ProtocolsSoft SkillsAIGenerative AIAWSAzureGoogle CloudCollaboration
About this role
Harvey is transforming how legal and professional services operate by combining AI and an enterprise-grade platform. The Infrastructure Security Engineer will design and build secure infrastructure, implement security processes, and ensure the platform remains trustworthy and compliant.
Responsibilities:
- Incorporate secure design principles into our cloud architecture
- Develop isolation mechanisms (e.g. sandboxing) in collaboration with our product engineering team
- Review security-critical configuration changes and act as Codeowner for security-critical parts of our cloud configurations (everything is IaC)
- Audit our existing cloud environment for vulnerabilities
- Develop policies and procedures for the secure creation and operation of our cloud environments
Requirements:
- 5+ years experience in Security Engineering, Software Engineering, or Site Reliability Engineering roles
- Demonstrated experience writing high-quality software and building production-grade infrastructure and raising the quality bar of engineering teams
- Strong fundamentals in networking, operating systems, and cryptographic protocols
- In-depth knowledge of Kubernetes, common misconfigurations, and privilege escalation vectors
- Demonstrated ability to find weaknesses (e.g. privilege escalation) in real-world cloud environments
- Experience applying security best practices in cloud environments (AWS, Azure, or Google Cloud)
- (No experience with generative AI or legal required)
- Familiarity with large-scale Infrastructure as Code (IaC) deployments
- Familiarity with Kubernetes Admission Controllers and policy enforcement
- Exposure to multi-cloud environments