Why This Job is Featured on The SaaS Jobs
Product Security roles are increasingly central in SaaS as enterprise buyers scrutinise trust, compliance, and resilience alongside features. This position stands out because it sits inside the product engineering surface area rather than being a purely advisory security function, aligning security outcomes with the realities of shipping and operating a cloud platform used by external customers.
For a SaaS career, the long-term value comes from building repeatable security mechanisms that scale with usage and product complexity. Work that spans authentication, access control, secure APIs, and vulnerability management maps directly to the controls that mature SaaS organisations rely on as they expand customer footprints and handle higher-stakes data. The emphasis on contributing code and improving tooling also develops a practical security engineering profile that transfers across modern cloud-native products.
This role is best suited to engineers who prefer influence through implementation, partnering closely with feature teams and owning a defined product area end to end. It will fit someone motivated by finding concrete weaknesses, translating them into durable safeguards, and navigating incident response with an engineering mindset. Candidates who enjoy balancing offensive thinking with maintainable platform improvements should find the scope aligned with how SaaS security work is increasingly done.
The section above is editorial commentary from The SaaS Jobs, provided to help SaaS professionals understand the role in a broader industry context.
Job Description
Why Harvey
At Harvey, we’re transforming how legal and professional services operate — not incrementally, but end-to-end. By combining frontier agentic AI, an enterprise-grade platform, and deep domain expertise, we’re reshaping how critical knowledge work gets done for decades to come.
This is a rare chance to help build a generational company at a true inflection point. With 700+ customers in 58+ countries, strong product-market fit, and world-class investor support, we’re scaling fast and defining a new category in real time. The work is ambitious, the bar is high, and the opportunity for growth — personal, professional, and financial — is unmatched.
Our team is sharp, motivated, and deeply committed to the mission. We move fast, operate with intensity, and take real ownership of the problems we tackle — from early thinking to long-term outcomes. We stay close to our customers — from leadership to engineers — and work together to solve real problems with urgency and care. If you thrive in ambiguity, push for excellence, and want to help shape the future of work alongside others who raise the bar, we invite you to build with us.
At Harvey, the future of professional services is being written today — and we’re just getting started.
Role Overview
Some of the world's largest companies and their law firms use Harvey’s AI capabilities to deliver world-class client services at unprecedented scale and efficiency. Harvey allows high-performing professionals to gain deep domain knowledge faster, understand the big picture, and tackle more complex challenges in less time.
Our customers depend on us to deliver a secure, trustworthy, and compliant platform. Earning the trust of our customers is a business enabler and we value it more than anything else.
As part of the Product Security team, you’ll help ensure Harvey is built in the most secure way possible. You’ll take ownership of securing a specific part of the product and build strong relationships with the developers working in that area. With these insights, you’ll advocate for and implement high-leverage security controls across the organization.
Our security program at Harvey is driven by our collective offensive security experience: Breaking into systems at other companies (in white-hat capacities), responding to real security incidents, and learning from other companies’ data breaches. We regularly conduct penetration tests and red team exercises with external security firms. At the same time, we are all software engineers - contributing code daily and approaching security with an engineering-first mindset.
What You’ll Do
Partner closely with engineering teams to incorporate secure design principles at every stage of development
Review security-critical code and own key parts of the product, including authentication and access control
Contribute meaningfully to the Harvey code base. Some prior projects include:
Refactoring our authentication stack to improve streamline execution
Removing password use from the application
Designing secure APIs for critical data access
Build secure-by-default libraries and tools that make the secure path the easiest and most attractive choice for developers and their AI agents
Audit the existing codebase for vulnerabilities
Improve our static analysis and vulnerability management tooling
Discover vulnerabilities through red team exercises
Participate in and drive mitigation strategies during security related incident responses
What You Have
4+ years of experience in product security, application security, offensive security, and/or security-focused software engineering
Demonstrated experience writing high-quality software and raising the quality bar of software engineering teams
Proven ability to identify software vulnerabilities, demonstrated through CVEs, bug bounty awards, blog posts, or prior work experience
Strong communication and collaboration skills, particularly with engineering teams
Bonus
Open source contributions
Experience managing cloud environments (e.g. Azure, GCP, AWS)
Experience working at or with a small company or a hyper-growth startup
Compensation Range
$215,000 - $250,000 USD
Please find our CA applicant privacy notice here.
#LI-KV1
Harvey is an equal opportunity employer and does not discriminate on the basis of race, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition, or any other basis protected by law.
We are committed to providing reasonable accommodations to applicants with disabilities, and requests can be made by emailing accommodations@harvey.ai
