Why Harvey

At Harvey, we’re transforming how legal and professional services operate — not incrementally, but end-to-end. By combining frontier agentic AI, an enterprise-grade platform, and deep domain expertise, we’re reshaping how critical knowledge work gets done for decades to come.

This is a rare chance to help build a generational company at a true inflection point. With 1000+ customers in 60+ countries, strong product-market fit, and world-class investor support, we’re scaling fast and defining a new category in real time. The work is ambitious, the bar is high, and the opportunity for growth — personal, professional, and financial — is unmatched.

Our team is sharp, motivated, and deeply committed to the mission. We move fast, operate with intensity, and take real ownership of the problems we tackle — from early thinking to long-term outcomes. We stay close to our customers — from leadership to engineers — and work together to solve real problems with urgency and care. If you thrive in ambiguity, push for excellence, and want to help shape the future of work alongside others who raise the bar, we invite you to build with us.

At Harvey, the future of professional services is being written today — and we’re just getting started.

Role Overview

We are seeking a Senior Systems Engineer to own and manage Harvey's Microsoft platform across Intune, M365, and Entra ID. You will be the technical owner of our Microsoft ecosystem spanning corporate production, development, and demo environments — architecting device management policies, deploying and managing M365 tenants, and collaborating with our Security team on identity and access management through Entra.

Harvey is a fast-growing legal AI company, and this role is critical to ensuring our employees — many of whom are lawyers and legal professionals — have a seamless, secure, and well-managed Microsoft experience from their first day. You'll also be responsible for building and maintaining viable demo and test environments that support Engineering, Product, and Sales. You'll work closely with teammates across Business Technology, Security, Engineering, and People teams in an environment where Okta serves as the primary identity provider and Microsoft is a key platform within a broader ecosystem.

What You'll Do

• Own end-to-end Microsoft 365 and Intune architecture across corporate production, dev, and demo environments, including tenant strategy, governance, and lifecycle management.

• Build, automate, and maintain multi-tenant demo and test environments with seeded data, realistic users, and scripted resets for Engineering, Product, and Sales teams.

• Standardize and streamline Intune device management: Autopilot, enrollment, configuration and compliance policies, Win32/MSIX app packaging and deployment, patching, and reporting for Windows and macOS endpoints. Manage iOS and Android MDM as needed.

• Own laptop deployment configuration, including establishing golden Windows images, standard baselines, and endpoint hardening policies in partnership with the Security team.

• Implement reusable infrastructure-as-code and automation (PowerShell, Microsoft Graph, Bicep/Terraform, CI/CD) for environment provisioning and policy enforcement.

• Collaborate with the Security team to define and enforce Entra ID policies, including conditional access, MFA, RBAC/PIM, and zero trust configurations — integrating with our Okta-centric identity ecosystem.

• Manage M365 tenant administration across multiple environments, including app registrations, Graph API scopes, licensing optimization, and Entra configuration.

• Provide Tier 3 support and root-cause analysis for Microsoft platform issues; build monitoring, alerting, and reporting to proactively identify and resolve problems before they impact employees.

• Create and maintain clear documentation, runbooks, architecture diagrams, and golden configurations; enable self-service where practical.

• Partner with Engineering and Product on validation scenarios and with Sales on accurate, compelling demo environments; track KPIs on environment readiness and Intune adoption.

What You Have

• 7+ years of experience in IT systems engineering, with deep expertise in Microsoft Intune and M365 administration at scale.

• Hands-on experience managing multi-tenant Microsoft environments, including production, dev, and demo configurations.

• Proven success building automated demo and test labs, including data seeding and environment reset workflows.

• Strong PowerShell and Microsoft Graph API skills; solid infrastructure-as-code experience (Bicep or Terraform) and CI/CD pipelines.

• Deep Intune experience: Autopilot, Win32/MSIX packaging, configuration and compliance policies, BitLocker/FileVault, patching, and endpoint analytics across both macOS and Windows.

• Experience with Entra ID (Azure AD), including conditional access, SSO, identity governance, and integration with third-party identity providers such as Okta.

• Solid understanding of security frameworks and best practices (Zero Trust, least privilege, conditional access, MFA).

• Strong communication and stakeholder management skills, with the ability to translate technical concepts for non-technical audiences including legal professionals.

• Self-directed and comfortable operating with a high degree of ownership in a fast-paced, high-growth, global environment.

Bonus Points:

• Microsoft certifications: 365 Enterprise Administrator Expert, Identity and Access Administrator, Modern Desktop Administrator, or Azure Administrator/Architect.

• Experience managing Microsoft infrastructure in a legal or professional services environment where data sensitivity and compliance are paramount.

• Familiarity with JAMF and experience managing hybrid macOS/Windows fleets; MECM/SCCM co-management and cloud-native endpoint migration experience.

• Azure subscriptions, networking, and monitoring experience; GitHub Actions or Azure DevOps pipeline experience.

• Power Platform and Teams governance experience; PAW and break-glass patterns; SSO/SAML/OIDC and SCIM.

• Knowledge of compliance frameworks (SOC 2, ISO 27001, GDPR) and how they apply to Microsoft platform management.

• Prior work in a high-growth startup environment where you've built Microsoft infrastructure from the ground up.

Compensation

$153,000 - $229,600

Depending on your location, an Applicant Privacy Notice may apply to you. You can find all of our Applicant Privacy Notices [here].

#LI-RB1

Harvey is an equal opportunity employer and does not discriminate on the basis of race, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition, or any other basis protected by law.

We are committed to providing reasonable accommodations to applicants with disabilities, and requests can be made by emailing accommodations@harvey.ai