Senior Infrastructure Security Engineer

Harvey is transforming how legal and professional services operate by combining AI and deep domain expertise. The Senior Infrastructure Security Engineer will design secure infrastructure, implement security processes, and enable engineering teams to operate securely and efficiently.

Responsibilities:

• Incorporate secure design principles into our cloud architecture
• Develop isolation mechanisms (e.g. sandboxing) in collaboration with our product engineering team
• Review security-critical configuration changes and act as Codeowner for security-critical parts of our cloud configurations (everything is IaC)
• Audit our existing cloud environment for vulnerabilities
• Develop policies and procedures for the secure creation and operation of our cloud environments

Requirements:

• 5+ years experience in Security Engineering, Software Engineering, or Site Reliability Engineering roles
• Demonstrated experience writing high-quality software and building production-grade infrastructure and raising the quality bar of engineering teams
• Strong fundamentals in networking, operating systems, and cryptographic protocols
• In-depth knowledge of Kubernetes, common misconfigurations, and privilege escalation vectors
• Demonstrated ability to find weaknesses (e.g. privilege escalation) in real-world cloud environments
• Experience applying security best practices in cloud environments (AWS, Azure, or Google Cloud)
• Experience owning and delivering complex security projects end-to-end as an individual contributor
• (No experience with generative AI or legal required)
• Familiarity with large-scale Infrastructure as Code (IaC) deployments
• Familiarity with Kubernetes Admission Controllers and policy enforcement
• Exposure to multi-cloud environments