Senior Security & Compliance Engineer

Who are we?

We’re a small, diverse team working at the cutting edge of machine learning. At Cohere, our mission is to build machines that understand the world and to make them safely accessible to all. Language is at the crux of this, but it can be difficult and expensive to parse the syntax, semantics, and context that all work together to give words meaning. The Cohere platform provides access to Large Language Models through its APIs that read billions of web pages and learn to understand the meaning, sentiment, and intent of the words we use in a richness never seen before. 

We recently raised our Series B, signed a multi-year partnership with Google Cloud, and we are focused on bringing our technology to market. We will partner with customers so they can build natural language understanding and generation into their products with just a few lines of code.

We’re ambitious — we believe our technology will fundamentally transform how industries interact with natural language. And we have the technical chops to back it up - Cohere’s CEO, Aidan Gomez, is a co-author of the groundbreaking paper “Attention is all you need”, (over 53k citations) and was previously part of Google Brain. Our entire technical team is world-class. 

We are focused on creating a diverse and inclusive work environment so that all of our team members can thrive. We welcome kind and brilliant people to our team, from wherever they come.

Please Note: We have offices in Toronto, Palo Alto, and London but embrace being remote-first! There are no restrictions on where you can be located for this role.

As a Senior Security & Compliance Engineer you will:

• Engineer processes and tooling to meet compliance requirements
• Lead security operation functions – including vulnerability management, detection engineering, and incident response – in CI/CD and cloud-native production environments
• Identify and help mitigate security issues, misconfigurations, and vulnerabilities related to the Cohere cloud, container, and Kubernetes infrastructure
• Develop security tools and automation workflows to improve cloud security

You may be a good fit if:

• You are experienced with IT security risk frameworks (such as NIST) and compliance regulations (such as SOC2, GDPR, and other data privacy regulations)
• You have a deep technical understanding of common security vulnerabilities and risks, as well as countermeasures and compensating controls
• You’re a hands-on security engineer interested in automating controls (i.e., Snyk, Open Policy Agent, SLSA framework, Bridgecrew etc.)
• You have experience in cloud environments (we use GCP); ideally working with Kubernetes-based infrastructure
• You’ve worked in organizations that develop software and/or operate managed infrastructure and technology services for their own customers