Manager, Security Engineering
Cohere
Job Description
Overview Our mission is to scale intelligence to serve humanity. We’re training and deploying frontier models for developers and enterprises who are building AI systems to power experiences like content generation, semantic search, RAG, and agents. We believe that our work is instrumental to the widespread adoption of AI. Cohere is a team of researchers, engineers, designers, and more who are passionate about their craft. We value a diverse range of perspectives as a requirement for building great products. Join us on our mission and shape the future. As a Manager of Security Engineering, your key responsibilities include: Responsibilities Serve as trusted advisor to team leadership and partner teams by clearly articulating business risks associated with security issues Execute the long-term vision for the Security team in alignment with Cohere’s product and business goals Collaborate closely with leadership to prioritize high-impact initiatives and strategic customer engagements Vulnerability Management: Develop and implement enterprise-wide vulnerability management processes and tooling, including identification, prioritization, remediation tracking, and reporting, including customer artifacts Static Application Security Testing (SAST): Establish SAST programs, integrate tools into CI/CD pipelines, and analyze results to identify and remediate security flaws in source code Dynamic Application Security Testing (DAST): Implement DAST methodologies, configure scanning tools, and conduct regular assessments of running applications Penetration Testing: Lead and oversee internal and external penetration testing engagements, including web application, API, network and agentic AI platform including managing our bug bounty program Security Architecture Review: Collaborate with development teams to review and validate security architecture and design patterns Secure SDLC Integration: Embed security practices throughout the software development lifecycle, working closely with engineering and product teams Team Leadership: Lead and grow a high-performing team of Security engineers through hiring, coaching, and mentorship Metrics and Reporting: Establish key security metrics, generate regular reports for leadership, and communicate security posture to stakeholders Compliance and Standards: Ensure application security practices align with industry standards (OWASP Top10 for LLMs, ISO 27001) and regulatory requirements You may be a good fit if 8+ years of experience in Application Security / Security Engineering with a focus on vulnerability management, SDLC and bug bounty programs Experience with SAST, DAST, and penetration testing methodologies and tools Proficiency with programming languages (Python, GoLang, etc.) and web technologies Experience with cloud platforms (AWS, GCP, Azure) and container security Excellent communication and interpersonal skills with ability to influence technical and non-technical stakeholders Experience building and managing high-performing security teams Ability to operate with ambiguity and make informed decisions with limited data Flexible and constructive problem-solving approach Ability to evaluate build vs. buy decisions and review available tools Strong understanding of secure engineering best practices and ability to articulate problem statements to technical and non-technical audiences Deep technical understanding of common security vulnerabilities, risks, countermeasures, and compensating controls If some of the above doesn’t line up perfectly with your experience, we still encourage you to apply. Equal Opportunity and Accommodations We value and celebrate diversity and strive to create an inclusive work environment for all. We welcome applicants from all backgrounds and are committed to providing equal opportunities.
If you require accommodations during the recruitment process, please submit an Accommodations Request Form, and we will work together to meet your needs. Perks Open and inclusive culture and work environment Work closely with a team on the cutting edge of AI research Weekly meals and snacks Comprehensive health and dental benefits, including a budget for mental health Parental leave top-up for up to 6 months Personal enrichment benefits for arts and culture, fitness and well-being, and workspace improvement Remote-friendly with offices in Toronto, New York, San Francisco, London and Paris, plus a co-working stipend Vacation: 6 weeks (30 working days) #J-18808-Ljbffr