Key skills
AICI/CDLeadershipNetwork SecurityCloud Security
About this role
Cohere is dedicated to scaling intelligence to serve humanity through AI systems. As a Senior Security Engineer, you will lead security operations, integrate security into applications, and collaborate with teams to ensure secure software deployment while addressing business risks and vulnerabilities.
Responsibilities:
- Serve as trusted advisor to team’s leadership and partner teams by clearly articulating business risks associated with security issues
- Lead security operation functions – including vulnerability management, SAST, DAST, detection engineering, and incident response – in CI/CD and cloud-native production environments
- Integrate security into our applications throughout the software development lifecycle
- Collaborate with product and development teams, driving the success of larger projects to ensure that software is built and deployed securely without compromising agility and speed
- Driving and supporting bug bounty program, application security reviews and threat modeling, including code review and dynamic testing
- Assess and integrate security tools to automate and scale security processes, i.e: evaluate open-source vs vendor solutions
- Gather and analyze security metrics to address security issues with cross-team dependencies
- Be a problem solver who is empathetic to developer concerns and will employ constructive and flexible approach to building innovative solutions
Requirements:
- 5+ years previous experience in Application/Product Security or Security Operations with a strong focus on security tool onboarding and optimization
- Understanding of vulnerability management, network security, cloud security concepts, and industry best practices across many fields of security
- Comfortable with ambiguity and able to make informed decisions with little data
- Employ a flexible and constructive approach when solving problems
- Able to make trade-offs between build vs. buy decisions - help build solutions and able to review what tools are available
- Understand secure engineering best practices, can articulate problem statements and propose solutions to both technically savvy and non-technical audiences
- Deep technical understanding of common security vulnerabilities and risks, as well as countermeasures and compensating controls
- Hands-on security engineer interested in automating controls