Security Engineer
Location: [Specify Location if applicable, e.g., New York, NY | Remote]
About Crosby AI
At Crosby AI, we're not just building software; we're fundamentally transforming the corporate legal landscape with an AI-first platform. We're a dynamic team of technologists and legal experts, pioneering proprietary technology and human-in-the-loop workflows that redefine how lawyers and machines collaborate. Our mission is to deliver unparalleled speed, consistency, and quality across high-stakes legal work.
Our advanced systems review complex documents with exceptional speed and accuracy, leveraging sophisticated AI combined with structured legal expertise. Clients receive AI-powered redlines, insightful commentary, and strategic negotiation guidance within hours, all at a predictable, volume-based price.
Backed by industry leaders like Sequoia, Index Ventures, and Bain Capital Ventures, we are building the definitive end-to-end contracting platform for the next generation of fast-growing companies. Join us to shape the future of legal technology.
The Engineering Team
Our Engineering team is the backbone of Crosby AI, crafting the core systems and infrastructure that power our cutting-edge AI-first platform. We thrive in a high-stakes environment where security, reliability, and data integrity aren't just buzzwords—they are foundational to our mission and paramount in everything we do.
We prioritize strong architectural foundations, foster deep ownership, and apply rigorous engineering practices. This ensures security is baked in from design, enabling us to innovate rapidly and iterate on products without compromising our robust security posture.
The Role: Security Engineer
As a Security Engineer at Crosby AI, you will play a critical role in shaping and fortifying the security posture of our entire platform. This is a unique opportunity to design, implement, and evolve the core security foundations that protect highly sensitive legal data, secure our advanced cloud infrastructure, and embed a culture of best-in-class security across our rapidly growing engineering organization.
You'll be the crucial link between technical implementation and strategic vision, collaborating directly with our engineering, product, and legal teams. Your expertise will be vital in proactively identifying risks, deploying robust controls, and ensuring our systems consistently exceed the highest standards of security and compliance. We're looking for a deeply technical and pragmatic professional who can skillfully balance the need for strong security guarantees with the agility required in a fast-paced, innovative environment.
What You'll Do
Own Application & Infrastructure Security: Drive the design, implementation, and continuous improvement of comprehensive security controls across our applications, APIs, and dynamic cloud infrastructure (e.g., AWS/GCP).
Safeguard Critical Data: Engineer and evolve sophisticated systems and processes to meticulously protect highly confidential legal and customer data throughout its lifecycle.
Champion Secure Development: Instill and enforce secure development lifecycle practices, including leading threat modeling exercises, conducting comprehensive code reviews, and implementing proactive vulnerability management strategies.
Proactive Threat Detection & Response: Establish and optimize robust monitoring, alerting, and incident response frameworks to swiftly detect, analyze, and neutralize security threats.
Ensure Compliance & Trust: Spearhead efforts for critical security certifications (e.g., SOC 2), including diligent documentation, control implementation, and active participation in audits.
Integrate Security Seamlessly: Partner cross-functionally with engineering and product teams to integrate security into every phase of the development lifecycle, optimizing for velocity without sacrificing security rigor.
Who You Are
You bring 4+ years of dedicated experience in security engineering, infrastructure security, or a closely related role.
You possess a profound understanding of application security, cloud security (e.g., AWS/GCP), and common vulnerability classes.
You have a proven track record of securing complex production systems, including expertise in authentication, authorization, and advanced data protection schemes.
You are proficient in at least one modern programming language (e.g., Python, Go) and have a natural ability to collaborate effectively with diverse engineering teams.
You have hands-on experience with a range of security tooling, sophisticated monitoring systems, and robust incident response workflows.
You approach challenges with a highly pragmatic mindset, adept at prioritizing risks and engineering effective, scalable security solutions.
You are driven by a strong ownership mindset, capable of operating autonomously and providing clarity in ambiguous, fast-evolving scenarios.
You are an exceptional communicator who can articulate complex security concepts clearly and collaborate seamlessly with engineers, product teams, and leadership.
Equal Opportunity
Crosby is an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics.
Background checks for applicants will be administered in accordance with applicable law, and qualified applicants with arrest or conviction records will be considered for employment consistent with those laws, including the New York City Fair Chance Act.
Pursuant to New York Labor Law Section 194-b, the US Pay Range for this position is listed below. Final compensation will be determined based on skills, experience, and qualifications.
Compensation Range: $180k–$250k