Security Engineer

About Us
Legora is on a mission: to redefine how legal work gets done. From the very start we have been very clear about the fact that we are not building a solution for lawyers, we are building it with them, because it is the only way to make sure it gets done the right way; working side-by-side every step of the way.

Our AI-native workspace empowers legal professionals not just to work faster - but to ask better questions, unlock new insights. Every day, we push the boundaries of legal tech to make complex processes smarter, faster, and more human. From thousands of documents analysed in minutes to intelligent workflows designed in collaboration with leading practices, we're turning possibility into reality.

Today we are trusted by global firms like Cleary Gottlieb, Goodwin, Bird & Bird and Linklaters in over 40 countries, but we have no plans on stopping here. We ship fast, we iterate effectively, and we scale rapidly - not by accident, but by design.

When you join Legora, you become part of a team that believes "good enough" isn't good enough and that the way to win is together, by empowering lawyers to do their best work with technology that truly understands them. If you're excited by building from first principles, working with exceptional people, and accelerating change in a high-stakes, high-impact domain—then this is the moment and the place.

We're not just shaping the future of legal tech — we're defining it. Ready to join us in building the intelligent future of law?
The role
At Legora, securing our platform means
engineering security from from day one
— not bolting it on later. We're looking for a
Security Engineer
who can think like an attacker, build like a developer, and operate like an SRE. You'll work across our whole tech stack, from Azure cloud infrastructure to JavaScript and Python services, to our AI integrations and workflows. You'll help make sure everything we ship is secure-by-default and resilient to evolving threats.

This is a hands-on, technical role where you'll be building tooling, embedding in product squads, and solving hard security problems at scale. You'll work alongside our Head of Security, engineers, and product teams to design, implement, and maintain robust security controls while enabling rapid, safe innovation.

What You Will Be Doing

• Embed security into our software development lifecycle; conduct design reviews, threat modeling, and secure code reviews for our JavaScript and Python codebases.
• Architect and implement security controls for our Azure cloud infrastructure, ensuring Zero Trust principles in identity, network, and service-to-service communication.
• Build and maintain secure-by-default tooling, templates, and guardrails for our developers.
• Protect AI workflows by designing and build defenses against prompt injection, data leakage, and abuse.
• Develop and maintain vulnerability management pipelines (SAST, DAST, dependency scanning), triaging and driving fixes with engineering teams.
• Automate security processes in CI/CD, including secret scanning, artifact signing, and policy-as-code checks.
• Partner with our information security team to ensure compliance and automate evidence collection efforts.

Who You Are

• You have 3+ years in a security engineering, product security, or DevSecOps role, ideally in a cloud-first, high-growth tech environment.
• You are fluent in at least one programming language (JavaScript preferred) and comfortable reading/writing production code.
• You have hands-on experience securing cloud environments (Azure strongly preferred) and working with Infrastructure-as-Code (Pulumi, Terraform, or similar).
• You understand Zero Trust architecture and can design systems with identity-centric, least-privilege access controls.
• You have experience with secure SDLC practices, application security testing, and vulnerability management.
• You have worked on or are curious about securing AI/ML workflows, with an interest in adversarial ML threats and mitigations.
• You thrive in cross-functional work, explaining security risks to engineers, influencing design choices, and collaborating to deliver secure features on time.

Legora is an Equal Opportunity Employer
At Legora, we believe great teams are built on diversity of thought and experience. We're proud to be an equal opportunity employer and committed to creating an inclusive, high-performance culture where everyone can do their best work. We welcome people of all backgrounds and don't discriminate based on race, color, religion, national origin, gender, gender identity or expression, sexual orientation, age, disability, veteran status, or any other characteristic protected by law.