The RoleCustomer Trust is how Legora earns and keeps the confidence of the world's most demanding legal teams in how we handle their data - and how our AI handles it.
We are the front line for customer security, privacy, and compliance scrutiny: the team that answers the hard questions buyers, CISOs, and procurement teams ask. We own the security questionnaires (including their AI sections), the trust portal, the audit and evidence requests, and the customer-facing side of our SOC 2, ISO 27001, and AI-governance posture.
We partner closely with Information Security, Privacy and Legal counsel, and Go-to-Market to turn scrutiny into signed, renewed, and expanded relationships. Our work makes Legora easy to trust and easy to buy.
What You'll Be Doing- Own customer trust requests end-to-end: security questionnaires (SIG, CAIQ, and bespoke), DDQs, and the security and AI sections of RFPs - delivering high-quality responses against agreed SLAs in time-sensitive sales and renewal cycles.
- Answer the AI-trust questions buyers now ask: questions on training-data handling and retention, model-provider subprocessors, data residency, and our EU AI Act, ISO/IEC 42001, and NIST AI RMF posture - coordinating with Privacy and Legal counsel on anything touching privilege or client confidentiality.
- Communicate with expertise: translate Legora's security, privacy, and AI-governance posture into clear, confident answers for customer CISOs, GCs, and procurement teams.
- Master the product and controls: develop deep expertise in Legora's platform, its security and compliance controls, and its AI supply chain, so you can resolve complex trust questions with sound judgment.
- Run the trust portal and evidence repository: keep the portal, SOC 2 / ISO reports, penetration-test summaries, DPAs, subprocessor and model-provider lists, and AI-governance documentation current, accurate, and self-serve.
- Review security and contractual terms: support DPAs, security addenda, and non-standard customer security and AI terms, partnering with Legal to land them without slowing the deal.
- Build the response library and automate: maintain reusable, approved responses and drive questionnaire automation, including AI-assisted drafting, to raise quality and cut turnaround.
- Drive improvements and monitor proactively: spot recurring questions, objections, and emerging requirements, and partner with Information Security, Product, and Legal to close gaps and reduce repeat work.
- Support customer audits and security reviews: coordinate customer-facing security calls, audit responses, and follow-ups with precision and care.
- Shape the function: as an early team member, build the processes, workflows, and standards for Customer Trust that scale globally.
Who You Are- 3-5 years in customer trust, security GRC, security assurance, third-party risk, or a closely related customer-facing security or compliance role.
- You've owned complex, high-stakes B2B relationships with demanding security, procurement, and legal stakeholders - taking full ownership of issues, delivering exceptional outcomes, and turning scrutiny into trust.
- You can translate technical security and AI-governance controls into clear, customer-ready answers, with the judgment to know what to answer, what to caveat, and what to escalate.
- You notice patterns, anticipate objections before they escalate, and collaborate cross-functionally to drive lasting improvements.
- You are customer-obsessed, organized, and detail-oriented under deadline pressure.
- You are technically curious and comfortable learning new software, security concepts, and AI and compliance frameworks quickly.
- Someone who enjoys being in the office 5 days a week. A key component of Legora's success has been in-person collaboration and we want you to be part of that.
Nice To Have- Familiarity with SOC 2, ISO 27001, GDPR, and NIST, plus DPAs and subprocessor management.
- Exposure to AI governance and assurance: EU AI Act, ISO/IEC 42001, NIST AI RMF, model-training and data-retention questions, and AI-subprocessor disclosure.
- Certifications such as CISA, CISM, CISSP, or ISO 27001 Lead Implementer / Lead Auditor.
- Experience with trust and GRC tooling such as Vanta, Drata, SafeBase, OneTrust, Conveyor, or Loopio.
- A working understanding of cloud security and data-handling fundamentals - access, encryption, and data residency.
- Background in SaaS, AI, or legal tech environments.
What's In It For You- Global collaboration: Partner with teams and clients across Stockholm, New York, London, and Sydney.
- Competitive package: Comprehensive salary, benefits, and tools for success.
- Meaningful work: Your efforts shape how thousands of lawyers use AI daily.
- In-person environment: Union Square office designed for ambitious builders and company provided lunch daily.
- Benefits & Perks: We invest in our people with a comprehensive, thoughtfully designed benefits package:
Medical, Dental & Vision
- Multiple medical plan options via Aetna and Kaiser Permanente
- HSA or Healthcare FSA (based on plan selection)
- Dental plans via MetLife
- Vision plans via Vision Care
Family Support
- Generous parental leave
- Free access to Maven Clinic
- Dependent Care FSA
- Free One Medical membership for employees and dependents
Additional Perks
- Pre-tax commuter benefits
- Life Insurance + STD/LTD
- 401(K) with generous company match
- Unlimited PTO
- Robust voluntary benefits, including identity protection (via Aura), legal coverage via MetLife, pet savings programs, and more
