Member of Technical Staff, Security Engineer

Crosby is built on a simple conviction: a great legal system is the watermark of a great society — and the best legal work comes from combining human expertise with the right technology, not replacing one with the other.

Crosby is the first AI-native law firm, helping ambitious companies like Cursor, Ramp, and Cognition sign commercial contracts faster.

Legal work is both art and science, and we're mapping the frontier between the two — codifying what can be systematized, amplifying human judgment where it matters most. That's why the right way to bring AI into law isn't to sell software and walk away. It's to own the outcome together: higher-quality work, delivered faster. We build proprietary tools and human-in-the-loop workflows that change what's possible for corporate legal teams.

Crosby was founded by Ryan (Stanford Law, Cooley, startup GC) and John (Penn, first X employees at Ramp). We work together, in person, in New York City — because the best ideas still happen in the same room. Help us transform one of society's most important industries.

As a Security Engineer at Crosby, you'll play a critical role in designing and implementing the security foundations of our platform. You’ll be responsible for protecting sensitive legal data, securing our infrastructure, and embedding best-in-class security practices across the engineering organization.

You’ll work closely with engineering, product, and legal teams to identify risks, implement controls, and ensure our systems meet the highest standards of security and compliance. This role is for someone who is both deeply technical and highly pragmatic — able to balance strong security guarantees with the speed required in a fast-moving environment.

• →

  Own application and infrastructure security: Design and implement security controls across our application, APIs, and cloud infrastructure.

• →

  Protect sensitive data: Build systems and processes to safeguard confidential legal and customer data.

• →

  Drive security best practices: Establish and enforce secure development practices, including code reviews, threat modeling, and vulnerability management.

• →

  Monitor and respond: Implement monitoring, alerting, and incident response processes to detect and respond to security threats.

• →

  Ensure compliance readiness: Support security and compliance efforts (e.g., SOC 2), including documentation, controls, and audits.

• →

  Collaborate across teams: Partner with engineering and product teams to embed security into the development lifecycle without slowing velocity.

• 4+ years of experience in security engineering, infrastructure security, or a related role

• Strong understanding of application security, cloud security (e.g., AWS/GCP), and common vulnerability classes

• Experience securing production systems, including authentication, authorization, and data protection

• Proficient in at least one programming language (e.g., Python, Go) and comfortable working with engineering teams

• Experience with security tooling, monitoring systems, and incident response workflows

• Highly pragmatic — able to prioritize risks and implement effective, scalable solutions

• Strong ownership mindset with the ability to operate independently in ambiguous environments

• Clear communicator who can work effectively with engineers, product teams, and leadership

Crosby is an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics.

Background checks for applicants will be administered in accordance with applicable law, and qualified applicants with arrest or conviction records will be considered for employment consistent with those laws, including the New York City Fair Chance Act.

Pursuant to New York Labor Law Section 194-b, the US Pay Range for this position is listed in the job post. Final compensation will be determined based on skills, experience, and qualifications.