Job Closed
This listing is no longer active.
GC AI is the legal AI platform built for in-house teams that solves the workflows in-house lawyers and legal professionals face every day. With powerful tools like Easy Prompt and Exact Quote, you can be the legal hero your team needs with faster and more accurate drafting, reviewing, researching, and redlining. GC AI is built for in-house legal work, gets to know you and your company over time, uses 5 large language models under the hood, and is private, secure and compliant. GC AI is SOC 2 Type II certified, built with enterprise-grade security, and never uses your confidential data for training. Founded by a three-time General Counsel and former Morrison & Foerster litigator, GC AI is trusted by over 500 legal teams worldwide, including Webflow, CDW, Vercel, Liquid Death, Kenneth Cole, Eventbrite, SurveyMonkey, Tipalti, and other high-growth global brands. See the difference that becoming an AI-powered lawyer can make. Try it free or get a demo at gc.ai.
Software Engineer, Security & Platform
Location
California
Posted
105 days ago
Salary
$165K - $350K / year
Seniority
Mid Level
Job Description
Software Engineer, Security & Platform
GC AI
GC AI is the fastest-growing and most trusted legal AI platform for in-house legal teams. We're building the future of legal work, and we're doing it fast. You'll join at a pivotal moment—when decisions matter, impact is immediate, and the runway to shape your career is wide open. We’re a high-performing team where you'll have real ownership and influence from day one. More than 1,300 companies use GC AI to drive their business forward, including 150+ public companies, 25+ unicorns, and brands such as News Corp, Miro, Bass Pro Shops, Snyk, Skims, Liquid Death, Vercel, Zscaler, and TIME. We've 10x'd revenue in 12 months, raised a $60 million Series B ($555 million valuation), and are growing faster than ever. We are backed by incredible investors, including Scale Venture Partners, Northzone, Sound Ventures, and Guillermo Rauch, CEO of Vercel. If you thrive when the stakes are high and the path isn't paved, you'll love it here. Our six guiding principles are: 1% better every day, customer obsession, ship today, find a way, care deeply, and own it completely. Come shape the future of legal work with us. Location We are hiring for this role to be based in the United States or Canada. This is a remote role unless you fall within the following parameters. If you live within approximately 50 miles of our San Mateo, CA or Provo, UT office, the position follows a hybrid schedule with in-office days on Mondays, Wednesdays, and Fridays. About The Role Help harden, simplify, and operationalize a TypeScript-based production system used by security-conscious, legal/regulatory, and enterprise customers. This is not a feature-churn role – though you may contribute directly to product experiences. The core need centers on security, auditability, infrastructure correctness, and customer trust, with occasional forward-deployed and sales-adjacent work when deep technical context is required. A major component of this role will be to collaborate to form and evangelize engineering direction and culture with respect to security needs. If you’re comfortable owning security surfaces end-to-end—code, cloud, and customer conversations—this role will suit you. We’re an AI-forward environment and (responsibly) use AI tools like Cursor and Claude Code for our work. What You'll Do - Help unify logging, security events and other auditability functionality within our platform. - Work with legal and sales to help communicate security posture, functionality, and compliance. - Work with DevOps and other engineering functions to promote and maintain strong security positions, clear auditability, tight network boundaries, and alignment with security, compliance, and customer needs. What You Bring - Strong experience with TypeScript across backend and frontend. - Production experience with Google Cloud Platform (IAM, service accounts, project isolation). - Experience with infrastructure as code (Terraform, Pulumi, or similar). - Practical experience designing or implementing: - Audit logs and SIEM experience - Access controls / complex roles, organizations, and permissioning - Security-relevant telemetry - Ability to reason about real risk vs. checklist compliance. Nice to Have - Experience acting as a technical lead either on a team or a vertical, strong soft skills. - Familiarity with security questionnaires, vendor risk reviews, SOC 2, and audits. - Prior work in regulated or compliance-heavy environments. - Comfort working directly with customers or sales in technical contexts. A Note On Pace We’re building something new in a once-in-a-generation shift in technology and the legal industry, so we move at a relentless pace. We expect urgency, ownership, and good judgment even when things aren’t perfectly clear. If you need structure and consensus to do your best work, this isn’t the right place for you. If you thrive in ambiguity and growth, work with intensity, and want real responsibility, keep reading. We’re excited to meet you. Compensation GC AI's compensation package includes a competitive base salary benchmarked against real-time market data, as well as meaningful equity and excellent benefits for all full-time roles. Our US-based compensation range for this role is $165,000 – $350,000. This range spans four levels, from mid-level to Principal. Final compensation will vary based on leveling, market conditions, geographic location, and candidate qualifications, including relevant knowledge, skills, and experience assessed during the interview process. These compensation bands are just the starting point. After someone joins and proves they’re an exceptional performer, we adjust quickly to ensure their compensation aligns with their impact. Equal Opportunity Employment GC AI is an equal opportunity employer that supports workplace diversity and does not discriminate on the basis of race, color, religion, gender identity/expression, national origin, age, military service eligibility, veteran status, sexual orientation, marital status, physical or mental disability, or any other protected class. GC AI is committed to working with and providing reasonable accommodation to applicants with physical and mental disabilities. #LI-GCAI Fraud Notice to GC AI Applicants To protect yourself against phishing and recruitment fraud, please note that GC AI only accepts job applications through our official careers page at https://gc.ai/careers and through sponsored jobs on LinkedIn. All legitimate communication from our team regarding job opportunities will come from a GC AI team member with a @gc.ai or @getgc.ai email address. GC AI will never: - Refer you to external websites to apply - Conduct interviews over email, chat platforms, or messaging apps - Ask you to provide payment or purchase equipment - Request personal or financial information such as your mailing address, social security number, credit card numbers, or banking information during the application process Examples of fraudulent email addresses: - info.gcai.careers.com@gmail.com - info.gc.aicareers.online.com@gmail.com - Any email address ending in @gmail.com, @yahoo.com, or other free email services If you are contacted by someone claiming to be from GC AI via an unofficial channel or from a suspicious email address, please do not share any information. Mark the communication as "phishing" or "spam" and do not respond.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Software Engineer, Security & Platform
GC AIGC AI is the legal AI platform built for in-house teams that solves the workflows in-house lawyers and legal professionals face every day. With powerful tools like Easy Prompt and Exact Quote, you can be the legal hero your team needs with faster and more accurate drafting, reviewing, researching, and redlining. GC AI is built for in-house legal work, gets to know you and your company over time, uses 5 large language models under the hood, and is private, secure and compliant. GC AI is SOC 2 Type II certified, built with enterprise-grade security, and never uses your confidential data for training. Founded by a three-time General Counsel and former Morrison & Foerster litigator, GC AI is trusted by over 500 legal teams worldwide, including Webflow, CDW, Vercel, Liquid Death, Kenneth Cole, Eventbrite, SurveyMonkey, Tipalti, and other high-growth global brands. See the difference that becoming an AI-powered lawyer can make. Try it free or get a demo at gc.ai.
GC AI is the fastest-growing and most trusted legal AI platform for in-house legal teams. We're building the future of legal work, and we're doing it fast. You'll join at a pivotal moment—when decisions matter, impact is immediate, and the runway to shape your career is wide open. We’re a high-performing team where you'll have real ownership and influence from day one. More than 1,300 companies use GC AI to drive their business forward, including 150+ public companies, 25+ unicorns, and brands such as News Corp, Miro, Bass Pro Shops, Snyk, Skims, Liquid Death, Vercel, Zscaler, and TIME. We've 10x'd revenue in 12 months, raised a $60 million Series B ($555 million valuation), and are growing faster than ever. We are backed by incredible investors, including Scale Venture Partners, Northzone, Sound Ventures, and Guillermo Rauch, CEO of Vercel. If you thrive when the stakes are high and the path isn't paved, you'll love it here. Our six guiding principles are: 1% better every day, customer obsession, ship today, find a way, care deeply, and own it completely. Come shape the future of legal work with us. Location We are hiring for this role to be based in the United States or Canada. This is a remote role unless you fall within the following parameters. If you live within approximately 50 miles of our San Mateo, CA or Provo, UT office, the position follows a hybrid schedule with in-office days on Mondays, Wednesdays, and Fridays. About The Role Help harden, simplify, and operationalize a TypeScript-based production system used by security-conscious, legal/regulatory, and enterprise customers. This is not a feature-churn role – though you may contribute directly to product experiences. The core need centers on security, auditability, infrastructure correctness, and customer trust, with occasional forward-deployed and sales-adjacent work when deep technical context is required. A major component of this role will be to collaborate to form and evangelize engineering direction and culture with respect to security needs. If you’re comfortable owning security surfaces end-to-end—code, cloud, and customer conversations—this role will suit you. We’re an AI-forward environment and (responsibly) use AI tools like Cursor and Claude Code for our work. What You'll Do - Help unify logging, security events and other auditability functionality within our platform. - Work with legal and sales to help communicate security posture, functionality, and compliance. - Work with DevOps and other engineering functions to promote and maintain strong security positions, clear auditability, tight network boundaries, and alignment with security, compliance, and customer needs. What You Bring - Strong experience with TypeScript across backend and frontend. - Production experience with Google Cloud Platform (IAM, service accounts, project isolation). - Experience with infrastructure as code (Terraform, Pulumi, or similar). - Practical experience designing or implementing: - Audit logs and SIEM experience - Access controls / complex roles, organizations, and permissioning - Security-relevant telemetry - Ability to reason about real risk vs. checklist compliance. Nice to Have - Experience acting as a technical lead either on a team or a vertical, strong soft skills. - Familiarity with security questionnaires, vendor risk reviews, SOC 2, and audits. - Prior work in regulated or compliance-heavy environments. - Comfort working directly with customers or sales in technical contexts. A Note On Pace We’re building something new in a once-in-a-generation shift in technology and the legal industry, so we move at a relentless pace. We expect urgency, ownership, and good judgment even when things aren’t perfectly clear. If you need structure and consensus to do your best work, this isn’t the right place for you. If you thrive in ambiguity and growth, work with intensity, and want real responsibility, keep reading. We’re excited to meet you. Compensation GC AI's compensation package includes a competitive base salary benchmarked against real-time market data, as well as meaningful equity and excellent benefits for all full-time roles. Our US-based compensation range for this role is $165,000 – $350,000. This range spans four levels, from mid-level to Principal. Final compensation will vary based on leveling, market conditions, geographic location, and candidate qualifications, including relevant knowledge, skills, and experience assessed during the interview process. These compensation bands are just the starting point. After someone joins and proves they’re an exceptional performer, we adjust quickly to ensure their compensation aligns with their impact. Equal Opportunity Employment GC AI is an equal opportunity employer that supports workplace diversity and does not discriminate on the basis of race, color, religion, gender identity/expression, national origin, age, military service eligibility, veteran status, sexual orientation, marital status, physical or mental disability, or any other protected class. GC AI is committed to working with and providing reasonable accommodation to applicants with physical and mental disabilities. #LI-GCAI Fraud Notice to GC AI Applicants To protect yourself against phishing and recruitment fraud, please note that GC AI only accepts job applications through our official careers page at https://gc.ai/careers and through sponsored jobs on LinkedIn. All legitimate communication from our team regarding job opportunities will come from a GC AI team member with a @gc.ai or @getgc.ai email address. GC AI will never: - Refer you to external websites to apply - Conduct interviews over email, chat platforms, or messaging apps - Ask you to provide payment or purchase equipment - Request personal or financial information such as your mailing address, social security number, credit card numbers, or banking information during the application process Examples of fraudulent email addresses: - info.gcai.careers.com@gmail.com - info.gc.aicareers.online.com@gmail.com - Any email address ending in @gmail.com, @yahoo.com, or other free email services If you are contacted by someone claiming to be from GC AI via an unofficial channel or from a suspicious email address, please do not share any information. Mark the communication as "phishing" or "spam" and do not respond.
• Design and deliver training at all levels with prior supervision and/or ongoing oversight. • Conduct organizational climate and culture diagnostics with prior supervision and/or oversight. • Lead the implementation and/or enhancement of preventive processes with clients, with prior supervision and/or oversight. • Manage client projects, monitoring the schedule of proposed activities and the effectiveness of each action, with prior supervision and/or oversight. • Create internal and external materials for daily operations, with prior supervision and/or oversight.
Security Specialist Tier 2
AireSpringGlobal provider of Managed SD-WAN, UCaaS, Managed Security, and Business Internet to Multi-location enterprises.
• Understanding customer FortiNet security needs and implementing solutions • Migrating existing firewalls into newly deployed FortiNet appliances • Completing FortiNet initial customer configurations and user acceptance testing • Configuring and supporting integrations with supported third party applications and systems • Troubleshooting and resolving customer FortiNet implementations • Completing change requests and monitoring security appliances • Acting upon and resolving security notifications • Pro-actively improving security implementations • Keeping abreast of the evolving products and services made available by FortiNet and its partners • Ensuring that the customer and agent FortiNet appliance service experience is positive • Safeguarding information system assets by identifying and solving potential and actual security problems • Protecting system by defining access privileges, control structures, and resources • Recognizing problems by identifying abnormalities and reporting violations • Implementing security improvements by assessing current situation, evaluating trends, and anticipating requirements • Determining security violations and inefficiencies by conducting periodic audits • Upgrading system by implementing and maintaining security controls • Keeping users and customers informed by preparing performance reports and communicating system status • Maintaining quality service by following organization standards • Maintaining technical knowledge by attending educational workshops and reviewing publications.
• Develop and implement security policies and procedures for project environments, ensuring alignment with industry standards and government guidelines (PSPF, ISM). • Monitor, assess, and manage vulnerabilities in systems and applications, and configure security tools like firewalls, IDS, and anti-malware software in collaboration with IT. • Create and maintain documentation for security protocols, incident response plans, and guidelines to ensure consistency and compliance across projects. • Stay current with cybersecurity trends and deliver security awareness training to foster a proactive security culture among stakeholders and partners. • Lead incident response efforts, including containment, eradication, recovery, and communication of risks and solutions to improve security practices. • Conduct comprehensive cyber risk assessments of systems and technologies to ensure compliance with government policies and enhance overall security posture. • Continuously improve cybersecurity services by implementing new strategies, tools, and best practices to stay ahead of emerging threats. • Manage and maintain agreed service levels, ensuring that cyber security operations align with organisational goals.


