Senior Security Engineer

About Us

Legora is redefining how legal work gets done. Not built for lawyers, built with them. We work alongside the world’s best legal teams, who expect excellence, precision, and speed, and we hold ourselves to the same bar.

Our AI-native workspace lets legal professionals move faster, think more clearly, and operate with sharper precision. By analysing thousands of documents in minutes and powering end-to-end workflows, we cut through complexity, teams can focus on what matters: judgment, strategy, and outcomes.

1,000+ customers across 50+ countries trust us, including Cleary Gottlieb, Goodwin, Linklaters, White & Case, Dentons, and Barclays. We’ve scaled to $100M+ in ARR, with teams across Europe, North America and APAC, and continue to expand through acquisitions including Qura, Walter AI and Graceview.

We partner with world-class performers: including Aaron Judge and the New York Yankees, Ludvig Åberg (and his caddie), and campaigns featuring Jude Law.

Joining Legora means three things.

• We lean in: ownership over titles, outcomes over intentions.

• We fight for excellence: high standards, direct, ego-free feedback.

• We grow together: as a team and with our customers.

Mission before ego. Everyone contributes. No one coasts.

If you’re driven by impact, pace, and raising the bar. This is the place.

The role:

At Legora, we prioritise security. Always.

We are looking for Application Security Engineers who can think like an attacker, build like a developer, and operate like an SRE. In this role you will work across our whole tech stack, from our Azure cloud infrastructure, JavaScript and Python services, to our AI integrations and workflows. Your goal is to ensure everything we ship and build is secure-by-default and resilient to evolving threats.

At Legora we don't believe that “shifting left” is sufficient, our goal is to build a secure and resilient ecosystem for our engineers so that they can build tomorrows features with confidence and speed.

*This is a Stockholm-based, 5-day in-office role, we believe building together in person drives better outcomes.

What you will be doing:

• Embed security into our software development lifecycle; conduct design reviews, threat modelling, and secure code reviews for our JavaScript and Python codebases.

• Architect and implement security controls for our cloud infrastructure, ensuring Zero Trust principles in across our networks, identities, and service-to-service communication.

• Build and maintain secure-by-default tooling, templates, and guardrails for our developers.

• Ensure our AI workflows and pipelines are secured and resilient against prompt injection, data leakage, and abuse.

• Develop and maintain vulnerability management pipelines, triaging and driving fixes with engineering teams.

• Automate security processes in CI/CD, including secret scanning, artifact signing, and policy-as-code checks.

• Partner with our information security team to ensure compliance and automate evidence collection efforts.

Who you are:

• Experience with Security Engineering or Product Security roles

• Able to produce production grade code.

• You understand Zero Trust architecture

• You have experience with secure SDLC practices, application security testing, and vulnerability management.

• You thrive in cross-functional work, explaining security risks to engineers, influencing design choices, and collaborating to deliver secure features on time.

Legora is an Equal Opportunity Employer

At Legora, we believe great teams are built on diversity of thought and experience. We’re proud to be an equal opportunity employer and committed to creating an inclusive, high-performance culture where everyone can do their best work. We welcome people of all backgrounds and don’t discriminate based on race, color, religion, national origin, gender, gender identity or expression, sexual orientation, age, disability, veteran status, or any other characteristic protected by law.