GRC Security Specialist
San Francisco, CA, USA
Posted on Thursday, January 25, 2024
Who are we?
Our mission is to scale intelligence to serve humanity. We’re training and deploying frontier models for developers and enterprises who are building AI systems to power magical experiences like content generation, semantic search, RAG, and agents. We believe that our work is instrumental to the widespread adoption of AI.
We obsess over what we build. Each one of us is responsible for contributing to increasing the capabilities of our models and the value they drive for our customers. We like to work hard and move fast to do what’s best for our customers.
Cohere is a team of researchers, engineers, designers, and more, who are passionate about their craft. Each person is one of the best in the world at what they do. We believe that a diverse range of perspectives is a requirement for building great products.
Join us on our mission and shape the future!
Please Note: We have offices in Toronto, San Francisco, and London but embrace being remote-first! There are no restrictions on where you can be located for this role.
As a GRC Security Specialist you will:
- Lead governance, compliance, risk (GRC) efforts for SOC2 compliance by implementing security controls, risk assessment frameworks, and programs that align to regulatory requirements.
- Manage third-party and vendor compliance program by conducting vendor security analysis in collaboration with Legal, Finance and IT teams.
- Evaluate risks and develop security standards, policies, procedures, and controls to manage risks.
- Conduct quarterly and annual audit reviews of users and systems to ensure they adhere to our compliance standards.
- Perform internal and external information security risk assessments such as vulnerability management scans, penetration tests, phishing, etc.
- Collaborate across teams as a compliance expert, driving the success of larger projects.
- Gather and report metrics for all GRC initiatives on the team.
You may be a good fit if:
- 3+ years previous experience in Governance, Risk and Compliance roles with a strong focus on security tool onboarding and optimization.
- You are experienced with IT security risk frameworks (such as NIST) and compliance regulations (such as SOC2, GDPR, and other data privacy regulations).
- You have an understanding of cloud security concepts and industry best practices for cloud technologies
- You have scripting experience to automate recurring tasks.
- You are comfortable with ambiguity and are able to make informed decisions with little data.
- You understand compliance best practices, can articulate problem statements and propose solutions to both technically savvy and non-technical audiences.
- You have effective written and verbal communication skills and can build trust with cross-functional teams.
If some of the above doesn’t line up perfectly with your experience, we still encourage you to apply! If you consider yourself a thoughtful worker, a lifelong learner, and a kind and playful team member, Cohere is the place for you.
We value and celebrate diversity and strive to create an inclusive work environment for all. We welcome applicants of all kinds and are committed to providing an equal opportunity process. Cohere provides accessibility accommodations during the recruitment process. Should you require any accommodation, please let us know and we will work with you to meet your needs.
🤝 An open and inclusive culture and work environment
🧑💻 Work closely with a team on the cutting edge of AI research
🍽 Weekly lunch stipend, in-office lunches & snacks
🦷 Full health and dental benefits, including a separate budget to take care of your mental health
🐣 100% Parental Leave top-up for 6 months for employees based in Canada, the US, and the UK
🎨 Personal enrichment benefits towards arts and culture, fitness and well-being, quality time, and workspace improvement
🏙 Remote-flexible, offices in Toronto, Palo Alto, San-Francisco and London and co-working stipend
✈️ 6 weeks of vacation
Note: This post is co-authored by both Cohere humans and Cohere technology.