Skip to content
CohereCohereSan Francisco, CA

Manager, Security Engineering

Lead and grow a Security Engineering team responsible for vulnerability management, SAST/DAST, penetration testing, bug bounty, and secure SDLC integration across cloud platforms.

Salary not listed
On-site8+ YOESecurity Engineering

About the role

Key Responsibilities

  • Serve as trusted advisor to team's leadership and partner teams by clearly articulating business risks associated with security issues
  • Execute the long-term vision for the Security team in alignment with Cohere's product and business goals
  • Collaborate closely with leadership to prioritize high-impact initiatives and strategic customer engagements
  • Vulnerability Management: Develop and implement enterprise-wide vulnerability management processes and tooling, including identification, prioritization, remediation tracking, and reporting
  • Static Application Security Testing (SAST): Establish SAST programs, integrate tools into CI/CD pipelines, and analyze results to identify and remediate security flaws in source code
  • Dynamic Application Security Testing (DAST): Implement DAST methodologies, configure scanning tools, and conduct regular assessments of running applications
  • Penetration Testing: Lead and oversee internal and external penetration testing engagements, including web application, API, network and agentic AI platform; manage bug bounty program
  • Security Architecture Review: Collaborate with development teams to review and validate security architecture and design patterns
  • Secure SDLC Integration: Embed security practices throughout the software development lifecycle, working closely with engineering and product teams
  • Team Leadership: Lead and grow a high-performing team of Security engineers through hiring, coaching, and mentorship
  • Metrics and Reporting: Establish key security metrics, generate regular reports for leadership, and communicate security posture to stakeholders
  • Compliance and Standards: Ensure application security practices align with industry standards (OWASP Top10 for LLMs, ISO 27001) and regulatory requirements

Requirements

  • 8+ years of previous experience in Application Security / Security Engineering with a strong focus on vulnerability management, SDLC and bug bounty programs
  • Proven experience with SAST, DAST, and penetration testing methodologies and tools
  • Proficiency with programming languages (Python, GoLang) and web technologies
  • Experience with cloud platforms (AWS, GCP, Azure) and container security
  • Excellent communication and interpersonal skills with ability to influence technical and non-technical stakeholders
  • Experience building and managing high-performing security teams
  • Comfortable with ambiguity and able to make informed decisions with little data
  • Flexible and constructive approach when solving problems
  • Able to make trade-offs between build vs. buy decisions
  • Deep technical understanding of common security vulnerabilities and risks, as well as countermeasures and compensating controls

Nice-to-Haves

  • Understanding of secure engineering best practices and ability to articulate problem statements and propose solutions to both technical and non-technical audiences

Skills

PythonGoSASTDASTPenetration TestingVulnerability ManagementAWSGCPAzureContainer SecurityCI/CDISO 27001Owasp
Snowflake

Senior Software Engineer

SnowflakeBellevue, WA +1

Senior Software Engineer building Snowflake's core identity, access management, and AI-native security infrastructure for the Data Cloud. Design secure agent workflows, IAM systems, encryption, and policy enforcement tooling at massive scale.

200k – 288k/yr
Hybrid5+ YOESecurity Engineering
Anthropic

Software Security Engineering Manager, Secure Frameworks

AnthropicSan Francisco, CA +1

Lead the Secure Frameworks Research team at Anthropic to build high-leverage security libraries and frameworks (cryptographic, serialization, authorization) that prevent vulnerabilities in AI model development. Manage engineers, drive adoption across teams, and balance security rigor with development velocity; requires 5+ years security/software engineering and 3+ years managing security teams.

405k – 485k/yr
Hybrid8+ YOESecurity Engineering
Forus

Founding Security Engineer

ForusNew York, NY

Founding Security Engineer owning cloud (AWS/GCP), product, AI data, detection/response, and compliance (HIPAA/SOC 2) for a healthcare AI platform handling PHI at scale. Requires 7+ years security engineering on strong SWE foundation, hands-on IaC, and multi-domain expertise.

Salary not listed
On-site7+ YOESecurity Engineering
Flexport

Manager, Supply Chain Protection & Loss Intelligence

FlexportMiami, FL

Manager responsible for global supply chain protection, loss prevention, and physical security programs at Flexport. Oversees 50+ security officers, electronic systems (CCTV/access control), data-driven investigations, policy/SOP authoring, and new facility stand-up across offices and fulfillment centers.

Salary not listed
On-site8+ YOESecurity Engineering
Crusoe

Physical Security Manager

CrusoeDallas, TX

Lead day-to-day operations of Crusoe's 24/7 Global Security Operations Center (GSOC), overseeing monitoring, incident response, intelligence, and crisis management to protect facilities and infrastructure. Requires experience building high-performing teams, driving operational maturity, and ensuring compliance in a fast-growing environment.

Salary not listed
On-site7+ YOESecurity Engineering