onsite

Head of Security Engineering - HARVEY

Engineering Manager

Lead the Security Engineering organization, shaping strategy and delivery of cloud‑native security solutions, IAM frameworks, and automated DevSecOps pipelines while mentoring engineers and driving threat‑modeling practices.

About the role

Key Responsibilities

Define and execute the security engineering roadmap across multi‑cloud environments, ensuring robust protection of data, workloads, and infrastructure.
Build and lead high‑performing teams that design, implement, and operate automated DevSecOps pipelines, integrating security testing into CI/CD workflows.
Architect and govern Identity and Access Management (IAM) solutions, including role‑based access control, least‑privilege policies, and privileged access management.
Conduct threat modeling and risk assessments for new products and major feature releases, translating findings into actionable remediation plans.
Collaborate with product, engineering, and compliance stakeholders to embed security controls early in the development lifecycle.
Mentor senior engineers, establish best‑practice standards, and drive continuous improvement of security processes and tooling.

Requirements

10+ years of experience in security engineering, with at least 5 years in a leadership role overseeing cloud‑native security programs.
Deep expertise in cloud platforms (AWS, GCP, Azure), IAM frameworks, and container security (Kubernetes, Docker).
Proven track record building DevSecOps pipelines using tools such as Terraform, Jenkins, GitHub Actions, and automated scanning solutions.
Strong background in threat modeling, vulnerability management, and security architecture design.
Hands‑on programming/scripting ability, preferably in Python, to prototype security tools and automate workflows.

Skills

python

CompanyHARVEY

DepartmentEngineering

LocationSan Francisco, California, United States

Experience7+ years

Tenurefull-time

LevelLead

Salary350,000

Posted June 26, 2026

About the role

Key Responsibilities

Define and execute the security engineering roadmap across multi‑cloud environments, ensuring robust protection of data, workloads, and infrastructure.
Build and lead high‑performing teams that design, implement, and operate automated DevSecOps pipelines, integrating security testing into CI/CD workflows.
Architect and govern Identity and Access Management (IAM) solutions, including role‑based access control, least‑privilege policies, and privileged access management.
Conduct threat modeling and risk assessments for new products and major feature releases, translating findings into actionable remediation plans.
Collaborate with product, engineering, and compliance stakeholders to embed security controls early in the development lifecycle.
Mentor senior engineers, establish best‑practice standards, and drive continuous improvement of security processes and tooling.

Requirements

10+ years of experience in security engineering, with at least 5 years in a leadership role overseeing cloud‑native security programs.
Deep expertise in cloud platforms (AWS, GCP, Azure), IAM frameworks, and container security (Kubernetes, Docker).
Proven track record building DevSecOps pipelines using tools such as Terraform, Jenkins, GitHub Actions, and automated scanning solutions.
Strong background in threat modeling, vulnerability management, and security architecture design.
Hands‑on programming/scripting ability, preferably in Python, to prototype security tools and automate workflows.