Senior Software Security Engineer

Who are we?

Our mission is to scale intelligence to serve humanity. We’re training and deploying frontier models for developers and enterprises who are building AI systems to power magical experiences like content generation, semantic search, RAG, and agents. We believe that our work is instrumental to the widespread adoption of AI.

We obsess over what we build. Each one of us is responsible for contributing to increasing the capabilities of our models and the value they drive for our customers. We like to work hard and move fast to do what’s best for our customers.

Cohere is a team of researchers, engineers, designers, and more, who are passionate about their craft. Each person is one of the best in the world at what they do. We believe that a diverse range of perspectives is a requirement for building great products.

Join us on our mission and shape the future!

Why This Role?

Are you passionate about security architecture, design and secure coding? Do you want to be at the forefront of AI innovation and enterprise security? Cohere's North team is seeking a Senior Software Engineer with a focus on security to join our mission and make a significant impact.

About North:

North is Cohere's cutting-edge AI workspace platform, designed to revolutionize the way enterprises utilize AI. It offers a secure and customizable environment, allowing companies to deploy AI while maintaining control over sensitive data. North integrates seamlessly with existing workflows, providing a trusted platform that connects AI agents with workplace tools and applications.

Your Role:

As a Senior Software Engineer with a security focus, you'll play a pivotal role in building and securing North's architecture. Your responsibilities will include:

• Security Architecture Reviews: Conducting security architecture reviews and threat modeling to ensure North's robust security posture.

• Core Development: Contributing to the core development of security features such as OIDC/OAuth flows and session management, ensuring North's AI agents are secure and compliant.

• Secure Coding Practices: Writing secure code to handle OIDC tokens, user claims, and sensitive data, adhering to best practices for JWT validation and encryption.

• Authentication and Data Protection: Advising on authentication mechanisms including user login, token management, and authorization checks to maintain data integrity.

• Tool Integration: Pulling in new tools and influencing security decisions to enhance North's capabilities.

• Application Security Testing: Designing and executing simulated attacks against applications and systems to evaluate their resilience against real-world threats.

• Cross-functional Relationships: Demonstrating strong soft skills to communicate security best practices to stakeholders in a clear and concise manner.

You may be a good fit if:

• 5+ years previous experience in Product Security with a strong focus on security architecture and application security testing.

• You have strong development skills, and have hands-on experience working in Python or Go.

• You have a deep understanding of OIDC specifications, including OAuth 2.0, JWT, and related protocols.

• You have a solid knowledge of security principles like session management, multi-factor authentication, and secure coding practices.

• You have an understanding of application security principles, common vulnerabilities and are familiar with offensive security techniques and red teaming methodologies

• You are comfortable with ambiguity and are able to make informed decisions with little data.

• You employ a flexible and constructive approach when solving problems.

• You are able to make trade-offs between build vs. buy decisions - help build solutions and able to review what tools are available.

• You understand secure engineering best practices, can articulate problem statements and propose solutions to both technically savvy and non-technical audiences.

If some of the above doesn’t line up perfectly with your experience, we still encourage you to apply! If you want to work really hard on a glorious mission with teammates that want the same thing, Cohere is the place for you.

We value and celebrate diversity and strive to create an inclusive work environment for all. We welcome applicants from all backgrounds and are committed to providing equal opportunities. Should you require any accommodations during the recruitment process, please submit an Accommodations Request Form, and we will work together to meet your needs.

Full-Time Employees at Cohere enjoy these Perks:

🤝 An open and inclusive culture and work environment 

🧑‍💻 Work closely with a team on the cutting edge of AI research 

🍽 Weekly lunch stipend, in-office lunches & snacks

🦷 Full health and dental benefits, including a separate budget to take care of your mental health 

🐣 100% Parental Leave top-up for 6 months for employees based in Canada, the US, and the UK

🎨 Personal enrichment benefits towards arts and culture, fitness and well-being, quality time, and workspace improvement

🏙 Remote-flexible, offices in Toronto, New York, San Francisco and London and co-working stipend

✈️ 6 weeks of vacation

Note: This post is co-authored by both Cohere humans and Cohere technology.