Lead and grow a Security Engineering team responsible for vulnerability management, SAST/DAST, penetration testing, bug bounty, and secure SDLC integration across cloud platforms.
Salary not listed
On-site8+ YOESecurity Engineering
About the role
Key Responsibilities
Serve as trusted advisor to team's leadership and partner teams by clearly articulating business risks associated with security issues
Execute the long-term vision for the Security team in alignment with Cohere's product and business goals
Collaborate closely with leadership to prioritize high-impact initiatives and strategic customer engagements
Vulnerability Management: Develop and implement enterprise-wide vulnerability management processes and tooling, including identification, prioritization, remediation tracking, and reporting
Static Application Security Testing (SAST): Establish SAST programs, integrate tools into CI/CD pipelines, and analyze results to identify and remediate security flaws in source code
Dynamic Application Security Testing (DAST): Implement DAST methodologies, configure scanning tools, and conduct regular assessments of running applications
Penetration Testing: Lead and oversee internal and external penetration testing engagements, including web application, API, network and agentic AI platform; manage bug bounty program
Security Architecture Review: Collaborate with development teams to review and validate security architecture and design patterns
Secure SDLC Integration: Embed security practices throughout the software development lifecycle, working closely with engineering and product teams
Team Leadership: Lead and grow a high-performing team of Security engineers through hiring, coaching, and mentorship
Metrics and Reporting: Establish key security metrics, generate regular reports for leadership, and communicate security posture to stakeholders
Compliance and Standards: Ensure application security practices align with industry standards (OWASP Top10 for LLMs, ISO 27001) and regulatory requirements
Requirements
8+ years of previous experience in Application Security / Security Engineering with a strong focus on vulnerability management, SDLC and bug bounty programs
Proven experience with SAST, DAST, and penetration testing methodologies and tools
Proficiency with programming languages (Python, GoLang) and web technologies
Experience with cloud platforms (AWS, GCP, Azure) and container security
Excellent communication and interpersonal skills with ability to influence technical and non-technical stakeholders
Experience building and managing high-performing security teams
Comfortable with ambiguity and able to make informed decisions with little data
Flexible and constructive approach when solving problems
Able to make trade-offs between build vs. buy decisions
Deep technical understanding of common security vulnerabilities and risks, as well as countermeasures and compensating controls
Nice-to-Haves
Understanding of secure engineering best practices and ability to articulate problem statements and propose solutions to both technical and non-technical audiences
Senior Software Engineer building Snowflake's core identity, access management, and AI-native security infrastructure for the Data Cloud. Design secure agent workflows, IAM systems, encryption, and policy enforcement tooling at massive scale.
Lead the Secure Frameworks Research team at Anthropic to build high-leverage security libraries and frameworks (cryptographic, serialization, authorization) that prevent vulnerabilities in AI model development. Manage engineers, drive adoption across teams, and balance security rigor with development velocity; requires 5+ years security/software engineering and 3+ years managing security teams.
405k – 485k/yr
Hybrid8+ YOESecurity Engineering
Founding Security Engineer
ForusNew York, NY
Founding Security Engineer owning cloud (AWS/GCP), product, AI data, detection/response, and compliance (HIPAA/SOC 2) for a healthcare AI platform handling PHI at scale. Requires 7+ years security engineering on strong SWE foundation, hands-on IaC, and multi-domain expertise.
Salary not listed
On-site7+ YOESecurity Engineering
Manager, Supply Chain Protection & Loss Intelligence
FlexportMiami, FL
Manager responsible for global supply chain protection, loss prevention, and physical security programs at Flexport. Oversees 50+ security officers, electronic systems (CCTV/access control), data-driven investigations, policy/SOP authoring, and new facility stand-up across offices and fulfillment centers.
Salary not listed
On-site8+ YOESecurity Engineering
Physical Security Manager
CrusoeDallas, TX
Lead day-to-day operations of Crusoe's 24/7 Global Security Operations Center (GSOC), overseeing monitoring, incident response, intelligence, and crisis management to protect facilities and infrastructure. Requires experience building high-performing teams, driving operational maturity, and ensuring compliance in a fast-growing environment.