Remote Senior Security Engineer

Description:

• As a Senior Security Engineer, you will serve as a trusted advisor to the team’s leadership and partner teams by clearly articulating business risks associated with security issues.
• You will lead security operation functions, including vulnerability management, SAST, DAST, detection engineering, and incident response in CI/CD and cloud-native production environments.
• Your role will involve integrating security into applications throughout the software development lifecycle.
• You will collaborate with product and development teams, driving the success of larger projects to ensure that software is built and deployed securely without compromising agility and speed.
• You will drive and support the bug bounty program, application security reviews, and threat modeling, including code review and dynamic testing.
• Assessing and integrating security tools to automate and scale security processes will be part of your responsibilities, including evaluating open-source versus vendor solutions.
• You will gather and analyze security metrics to address security issues with cross-team dependencies.
• As a problem solver, you will be empathetic to developer concerns and employ a constructive and flexible approach to building innovative solutions.

Requirements:

• You should have 5+ years of previous experience in Application/Product Security or Security Operations with a strong focus on security tool onboarding and optimization.
• An understanding of vulnerability management, network security, cloud security concepts, and industry best practices across many fields of security is required.
• You must be comfortable with ambiguity and able to make informed decisions with little data.
• A flexible and constructive approach when solving problems is essential.
• You should be able to make trade-offs between build versus buy decisions, helping to build solutions and reviewing available tools.
• Understanding secure engineering best practices and the ability to articulate problem statements and propose solutions to both technically savvy and non-technical audiences is necessary.
• A deep technical understanding of common security vulnerabilities and risks, as well as countermeasures and compensating controls, is required.
• You should be a hands-on security engineer interested in automating controls.

Benefits:

• Full-time employees at Cohere enjoy an open and inclusive culture and work environment.
• You will work closely with a team on the cutting edge of AI research.
• A weekly lunch stipend, in-office lunches, and snacks are provided.
• Full health and dental benefits are included, along with a separate budget to take care of your mental health.
• There is a 100% parental leave top-up for up to 6 months.
• Personal enrichment benefits towards arts and culture, fitness and well-being, quality time, and workspace improvement are offered.
• The position is remote-flexible, with offices in Toronto, New York, San Francisco, London, and Paris, as well as a co-working stipend.
• Employees receive 6 weeks of vacation (30 working days!).