Job Overview
Location
San Francisco
Job Type
Full-time
Category
Software Engineering
Date Posted
June 4, 2026
Full Job Description
đź“‹ Description
- • Own and maintain core compliance documentation, including compliance packages and security assessment reports, ensuring they remain accurate and audit-ready at all times
- • Coordinate evidence collection across Engineering, Infrastructure, and Security teams for regulated assessments such as SOC 2, ISO 27001, and FedRAMP
- • Support third-party assessor engagements end-to-end, including scheduling, preparing internal teams, triaging findings, and drafting formal responses to audit observations
- • Conduct gap analyses against applicable compliance frameworks and produce remediation tracking artifacts that Engineering and Security teams can act on directly
- • Manage continuous monitoring activities including regular control reviews, change notifications, and incident documentation to sustain compliance status in a dynamic cloud environment
- • Partner closely with Engineering and Security teams to validate that technical controls are properly implemented, tested, and continuously monitored
- • Translate regulatory language and compliance requirements into clear, testable technical configurations that engineering teams can implement and verify
- • Maintain up-to-date control documentation aligned with Harvey’s SaaS and cloud-based platform, ensuring alignment with evolving infrastructure and product changes
- • Serve as a key executor on Harvey’s certification and audit portfolio under the Manager of Compliance Programs
- • Ensure all compliance activities meet U.S. government requirements for work performed by U.S. citizens on U.S. soil
- • Maintain strict adherence to Harvey’s core values: Decisiveness, Simplicity, and Job’s Not Finished, acting with urgency and ownership to resolve compliance gaps
- • Communicate compliance requirements clearly to non-compliance stakeholders, particularly engineering teams, using precise and actionable language
- • Track and report on remediation progress for identified control deficiencies, ensuring timely closure of audit findings
- • Collaborate with cross-functional teams to embed compliance into product development lifecycles and infrastructure changes
- • Ensure all compliance artifacts are consistently updated to reflect real-time changes in Harvey’s technology stack and customer requirements
- • Support internal and external audits with thorough preparation, documentation, and team coordination to uphold Harvey’s reputation for trustworthiness and security
🎯 Requirements
- • 3–5+ years in information security compliance with hands-on exposure to government and industry frameworks in a SaaS or cloud environment
- • Solid working knowledge of applicable government compliance frameworks; ability to map controls to technical implementations and evaluate evidence quality
- • Experience maintaining compliance documentation and tracking remediation activities; familiarity with compliance automation tooling
- • Exceptional attention to detail — able to manage multiple concurrent workstreams and keep documentation aligned with a dynamic cloud environment
- • Clear communicator: able to write crisp control implementation statements and explain compliance requirements to engineering audiences
- • U.S. citizenship required — this role supports work the U.S. government specifies can only be performed by a U.S. citizen on U.S. soil
🏖️ Benefits
- • Compensation range of $99,200 - $148,800 depending on location
- • Equal opportunity employer committed to diversity and inclusion
- • Reasonable accommodations available for applicants with disabilities upon request
- • Opportunity to work at a high-growth company shaping the future of professional services with AI
Skills & Technologies
About Harvey AI Inc.
Harvey AI Inc. provides a generative artificial-intelligence platform engineered specifically for the legal profession. The software integrates with law-firm workflows to automate contract drafting, review, due-diligence and regulatory research, producing lawyer-quality language grounded in up-to-date statutes and precedents. Harvey combines large language models trained on legal corpora with secure, private-cloud deployment and firm-specific fine-tuning to maintain confidentiality and compliance. Clients range from global law firms to in-house legal departments seeking efficiency gains without compromising accuracy or security. The company was founded in 2022 and is headquartered in San Francisco, California.
Subscribe to the weekly newsletter for similar remote roles and curated hiring updates.
Newsletter
Weekly remote jobs and featured talent.
No spam. Only curated remote roles and product updates. You can unsubscribe anytime.
Similar Opportunities
General Dynamics Information Technology, Inc.
3 months ago
Correlation One, Inc.
2 months ago
Sedgwick Claims Management Services, Inc.
2 months ago
