Technical Program Manager, Security & Trust

Why Harvey

At Harvey, we’re transforming how legal and professional services operate — not incrementally, but end-to-end. By combining frontier agentic AI, an enterprise-grade platform, and deep domain expertise, we’re reshaping how critical knowledge work gets done for decades to come.

This is a rare chance to help build a generational company at a true inflection point. With 700+ customers in 58+ countries, strong product-market fit, and world-class investor support, we’re scaling fast and defining a new category in real time. The work is ambitious, the bar is high, and the opportunity for growth — personal, professional, and financial — is unmatched.

Our team is sharp, motivated, and deeply committed to the mission. We move fast, operate with intensity, and take real ownership of the problems we tackle — from early thinking to long-term outcomes. We stay close to our customers — from leadership to engineers — and work together to solve real problems with urgency and care. If you thrive in ambiguity, push for excellence, and want to help shape the future of work alongside others who raise the bar, we invite you to build with us.

At Harvey, the future of professional services is being written today — and we’re just getting started.

Role Overview

Some of the world's largest companies and their law firms use Harvey’s AI capabilities to deliver world-class client services at unprecedented scale and efficiency. Harvey allows high-performing professionals to gain deep domain knowledge faster, understand the big picture, and tackle more complex challenges in less time.

Our customers depend on us to deliver a secure, trustworthy, and compliant platform. Earning the trust of our customers is a business enabler and we value it more than anything else.

In this role, your objective is to earn the trust of our customers by communicating our security program, aligning it with relevant security and privacy standards, and getting it assessed by independent auditors.

This is a highly cross-functional role that involves close collaboration with teams across the company, including Security, Product Management, Engineering, GTM, IT, Legal, and external consultants and auditors. Understanding and communicating customer and compliance requirements and producing accurate documentation will be key parts of this role.

A big part of this role is responding to customer security questions. As an advocate for the Harvey Security program, our goal is to provide quick and accurate responses leveraging Harvey to assist. We achieve high accuracy and your role will include reviewing Harvey’s output - spotting the cases where the model misses the mark or can’t answer due to documentation gaps.

We already have certifications including SOC 2 Type 2, ISO 27001; adhere to CCPA and GDPR, and continue to expand our compliance portfolio based on business needs. We have mature systems and processes in place, but they need to be constantly adapted to our quickly growing company and the rapidly evolving product.

What You’ll Do

• Respond to customer security questions at scale by using AI

• Meet with customers to address security-related questions and concerns

• Manage ISO and SOC 2 Type 2 and other emerging compliance programs, which includes continuously monitoring compliance status through automated tools, completing periodic required activities (pentests, risk assessments, various reviews and exercises, etc.), and coordinating with internal teams to gather evidence for auditors

• Maintain and update corporate information security policies, ensuring compliance requirements are communicated across the organization

• Maintain and improve our internal documentation

• Maintain and improve security documentation and resources we share with customers and partners

• Identify opportunities to streamline Trust workflows through tooling and automation

What You Have

• 4+ years experience in Information Security

• 3+ years experience in roles requiring a high degree of project management

• A strong foundation across a broad range of security, risk, and governance topics

• Excellent organizational skills, including project management and process design with a drive for simplification

• Excellent written communication skills

• Ability to communicate complex technical and regulatory topics to diverse audiences; equally comfortable partnering with engineers, lawyers, customers, and GTM

• Ability to manage external contractors, vendors, and consultants

• Customer-centric mindset

• Strong attention to detail while keeping focused on the big picture

Bonus

• Experience leading compliance certification projects such as SOC 2, ISO, IRAP, FedRAMPis a plus, but not required

• Experience operationalizing controls at the intersection of product and enterprise security (secure SDLC, data protection/privacy-by-design, third‑party risk, incident response) in AI-centric contexts

Compensation

$144,500 - $195,500 USD

Please find our CA applicant privacy notice here.

#LI-KV1

Harvey is an equal opportunity employer and does not discriminate on the basis of race, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition, or any other basis protected by law.

We are committed to providing reasonable accommodations to applicants with disabilities, and requests can be made by emailing accommodations@harvey.ai