Technical Program Manager, Security & Trust

Harvey is a secure AI platform for legal and professional services that augments productivity and automates complex workflows. Harvey uses algorithms with reasoning-adept LLMs that have been customized and developed by our expert team of lawyers, engineers and research scientists. We’ve found product market fit and are scaling our team very quickly. Some reasons to join Harvey are:

• Exceptional product market fit: We have partnered with the largest law firms and professional service providers in the world, including Paul Weiss, A&O Shearman, Ashurst, O'Melveny & Myers, PwC, KKR, and many others.

• Strategic investors: Raised over $500 million from strategic investors including Sequoia, Google Ventures, Kleiner Perkins, and OpenAI.

• World-class team: Harvey is hiring the best talent from DeepMind, Google Brain, Stripe, FAIR, Tesla Autopilot, Glean, Superhuman, Figma, and more.

• Partnerships: Our engineers and researchers work directly with OpenAI to build the future of generative AI and redefine professional services.

• Performance: 4x ARR in 2024.

• Competitive compensation.

Some of the world's largest companies and their law firms use Harvey’s AI capabilities to deliver world-class client services at unprecedented scale and efficiency. Harvey allows high-performing professionals to gain deep domain knowledge faster, understand the big picture, and tackle more complex challenges in less time. 

Our customers depend on us to deliver a secure, trustworthy, and compliant platform. Earning the trust of our customers is a business enabler and we value it more than anything else. In this role, your objective is to earn the trust of our customers by communicating our security program, aligning it with relevant security and privacy standards, and getting it assessed by independent auditors. 

This is a highly cross-functional role that involves close collaboration with teams across the company, including Security, Product Management, Engineering, GTM, IT, Legal, and external consultants and auditors. Understanding and communicating customer and compliance requirements and producing accurate documentation will be key parts of this role. 

A big part of this role is responding to customer security questions. As an advocate for the Harvey Security program, our goal is to provide quick and accurate responses leveraging Harvey to assist. We achieve high accuracy and your role will include reviewing Harvey’s output - spotting the cases where the model misses the mark or can’t answer due to documentation gaps.

We’re now in our fourth cycle of SOC 2 and ISO 27001, so we have mature systems and processes in place, but they need to be constantly adapted to our quickly growing company and the rapidly evolving product. 

• Respond to customer security questions at scale by using AI

• Meet with customers to address security-related questions and concerns

• Manage ISO 27001 and SOC 2 Type 2 compliance programs, which includes continuously monitoring compliance status through automated tools, completing periodic required activities (pentests, risk assessments, various reviews and exercises, etc.), and coordinating with internal teams to gather evidence for auditors

• Maintain and update corporate information security policies, ensuring compliance requirements are communicated across the organization 

• Maintain and improve our internal documentation

• Maintain and improve security documentation and resources we share with customers and partners

• Identify opportunities to streamline workflows through tooling and automation

• 4+ years experience in Information Security

• 3+ years experience in roles requiring a high degree of project management

• A strong foundation across a broad range of security topics

• Excellent organizational skills, including project management and process design with a drive for simplification

• Excellent written communication skills

• Ability to manage external contractors, vendors, and consultants

• Customer-centric mindset

• Strong attention to detail while keeping focused on the big picture

• Experience with SOC 2 and ISO 27001 is a plus, but not required

• Technical writing experience is a plus

The expected range of compensation for this role is between $200,000 and $225,000.

Please find our CA applicant privacy notice here.

Harvey is an equal opportunity employer and does not discriminate on the basis of race, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition, or any other basis protected by law.

We are in the early innings of a generational company. Joining early at a hypergrowth startup has proven to lead to exponential growth in responsibility, access, and ability. Apply here today!