Security Engineer
Security Engineer focused on security operations, incident response, monitoring/alerting, and securing SaaS applications and infrastructure. Requires Go experience, Elastic Stack, GCP, and on-call rotation participation.
Assess client security postures, develop customized security programs using frameworks like NIST and SOC2, provide implementation guidance, and collaborate with auditors and internal teams to achieve compliance goals.
Security Engineer focused on security operations, incident response, monitoring/alerting, and securing SaaS applications and infrastructure. Requires Go experience, Elastic Stack, GCP, and on-call rotation participation.
Owns end-to-end execution of GRC programs including SOC 1/2, PCI DSS, and ISO 27001 audits, control design, risk assessments, and vendor management. Partners with engineering to implement technical controls and documentation for scalable compliance in fintech.
This Compliance Analyst role at Harvey involves owning and maintaining compliance documentation, coordinating evidence collection, and supporting third-party assessments. The role requires hands-on compliance work, close collaboration with Engineering and Security teams, and a detail-oriented approach to ensure program health and continuous monitoring.
Application Security Engineer partnering with engineering teams to embed security into the SDLC, triage SAST/SCA findings, provide remediation guidance on OWASP issues, maintain security docs/playbooks, support governance/audits, and integrate GenAI tools while building AI governance guardrails.
Conduct low-level code security assessments, architecture reviews, and threat modeling for client applications. Build custom security tools bridging vulnerability research and application security. Requires manual code review, binary analysis, and programming proficiency in multiple languages.