Engineering Manager, Software Supply Chain Security: Pipeline Security

Who are we?At Cohere, our mission is to harness the power of intelligence for the benefit of humanity. We specialize in training and deploying cutting-edge models for developers and enterprises, enabling them to create innovative AI systems that deliver extraordinary experiences in content generation, semantic search, retrieval-augmented generation (RAG), and intelligent agents. Our endeavors are pivotal in accelerating the global adoption of AI technologies.We are dedicated to excellence in our craft. Each team member plays an essential role in enhancing the capabilities of our models and the value they provide to our clients. Our culture is built on hard work, rapid iteration, and a relentless focus on what is best for our customers.Cohere is comprised of a diverse team of researchers, engineers, designers, and more—each a leader in their field. We believe that diverse perspectives are crucial for creating exceptional products.Join us in our quest to shape the future of AI!About the RoleAre you passionate about secure software engineering? Do you aspire to be at the forefront of AI innovation and security? Our North team at Cohere is on the lookout for a Senior Software Engineer focusing on security to join us in our mission and make a substantial impact. This is not merely an advisory position; you will take ownership of and deliver production-level security features that our clients rely upon daily.Your Role:As a Senior Software Engineer with a specialization in security, your contributions will be vital in architecting and securing North's infrastructure. Your responsibilities will encompass:Software Development: Actively participate in the core development of security features like OIDC/OAuth flows and session management, ensuring the security of North's AI agents.Secure Coding: Write robust code to manage OIDC tokens, user claims, and sensitive information, following best practices for JWT validation and encryption.Authentication and Data Protection: Implement authentication protocols, including user login, token management, and authorization checks to safeguard data integrity.Tool Integration: Integrate new security tools to enhance North's capabilities.DevSecOps: Design and execute secret management in Kubernetes clusters, focusing on encryption and role-based access control (RBAC).Cross-functional Collaboration: Utilize strong communication skills to convey security best practices to stakeholders clearly and effectively.You may be a great fit if:You have 5+ years of experience in building secure software applications.You possess a deep understanding of security protocols and practices.You are proficient in coding languages and frameworks relevant to security development.You have a track record of successful collaboration in cross-functional teams.

Location: Remote, Canada or US GitLab Inc. is hiring a Software Security Engineer to work remotely from Canada or the US. This role focuses on strengthening security across the GitLab product and developing tools that detect and prevent abuse on SaaS platforms. The position is part of the Trust and Safety team, which manages core abuse prevention systems and delivers features that help keep customers safe, such as Compromised Password Detection for GitLab.com. What you will do Implement security improvements directly within the GitLab product Develop and maintain tools to identify and prevent abuse on SaaS platforms Analyze abuse patterns and trends, designing systems to stop malicious user activity Support customer safety by building and maintaining prevention mechanisms Who this role suits This position is well suited to software engineers who want to move into security engineering. Experience working with large Ruby on Rails codebases is important. Formal security engineering experience is not required. Learn more Additional details about the Trust and Safety team and this role’s responsibilities can be found in the GitLab handbook and blog. For more on Compromised Password Detection, see this post.

About UsAt Coalition, we are pioneering the concept of Active Insurance, aimed at preventing digital risks before they materialize. Established in 2017, Coalition integrates extensive insurance coverage with cutting-edge cybersecurity tools, empowering businesses to effectively manage and mitigate potential cyber threats.Here, the opportunity to create meaningful impact through innovative thinking is not just a possibility, it's a daily reality.About the RoleWe are seeking a highly skilled Principal Software Engineer to join our Security Engineering organization. This pivotal role involves tackling Wirespeed’s most intricate detection and integration workflows. You will take full ownership of essential backend services and integrations, overseeing everything from architecture and design to implementation, rollout, and quality assurance. Enjoy the freedom to define the technical trajectory of Wirespeed’s detection and enrichment systems while acting as a technical multiplier for the engineering team.ResponsibilitiesDesign and implement core backend services and integrations that enhance Wirespeed’s detection and enrichment platform.Manage high-impact integrations with critical security tools (such as EDR, identity providers, and SIEMs), focusing on reliability, performance, and maintainability.Collaborate with detection engineering and security operations to convert detection strategies into robust, production-quality logic and pipelines.Establish technical standards for code quality, testing, and observability, ensuring consistent adoption through design and code reviews.Mentor and guide senior engineers, assisting them in navigating complex architectural decisions and developing scalable, secure solutions.

About Us:At Cohere, our mission is to enhance intelligence for the betterment of humanity. We specialize in training and deploying cutting-edge models for developers and enterprises, empowering them to create remarkable AI-driven experiences such as content generation, semantic search, retrieval-augmented generation (RAG), and intelligent agents. We believe our efforts are pivotal in advancing the widespread integration of AI.We take immense pride in our creations, and each team member plays a crucial role in enhancing our models and delivering exceptional value to our clients. Our culture is rooted in hard work and agility, always prioritizing the needs of our customers.Cohere brings together a diverse team of researchers, engineers, designers, and more, all deeply passionate about their respective fields. We recognize that a variety of perspectives is key to developing outstanding products.Join our mission to shape the future of AI!Why This Position Matters:Are you driven by a passion for secure software development? Do you aspire to be at the forefront of AI innovation while ensuring enterprise security? Join Cohere's North team as a Senior Software Engineer focused on security, and make a meaningful impact.Your Responsibilities:In this pivotal role, you will be instrumental in constructing and securing the architecture of North, our AI workspace platform. Your key responsibilities will include:Designing and deploying security features for North, our AI workspace platform.Creating autonomous agents capable of interacting securely with sensitive enterprise data.Developing minimal code that operates in low-resource environments, adhering to rigorous deployment standards.Integrating new tools to enhance the security features of North.Reinventing solutions as needed to meet stringent security and privacy requirements, sometimes necessitating the development of custom solutions.Conducting application security testing to ensure your code withstands real-world threats.Ideal Candidate Profile:5+ years of experience in software engineering with a solid emphasis on developing user-facing security features.Proficient in Python with a proven track record of deploying production-level code.Strong analytical skills and a problem-solving mindset, capable of tackling complex challenges within security frameworks.Familiarity with security testing methodologies and tools.

Discover OktaAt Okta, we are revolutionizing identity management. Our mission is to enable individuals to securely utilize any technology, anytime, on any device or application. Through our versatile Okta Platform and Auth0 Platform, we deliver secure access, authentication, and automation, placing identity at the forefront of business security and growth.We value diverse perspectives and experiences at Okta. We're not just seeking candidates who meet every requirement; instead, we are looking for lifelong learners who can enrich our team with their unique insights.Join us in creating a world where identity is in your hands.The TeamOur Workforce Identity Cloud Security Engineering group is at the cutting edge of innovation, turning visionary ideas into top-notch security software solutions that support large-scale, mission-critical applications. Our security engineering team possesses a unique skill set that merges security expertise with the ability to design, implement, and deploy security features seamlessly, enhancing product functionality without hindrance. We are committed to elevating customer safety and privacy through robust security services integrated with the Okta core product.The RoleWe are in search of a seasoned and enthusiastic Staff Software Security Engineer to join our Workforce Identity Cloud Security Engineering group. This role focuses on architecting and developing security solutions that strengthen our frameworks and infrastructure. You will be encouraged to implement defense-in-depth strategies, adhere to industry security standards, and uphold the principle of least privilege, thereby enhancing our security posture.This high-impact position is set within a security-focused, dynamic organization that is on the brink of significant growth and achievement. You will serve as a key liaison between the Security and Engineering teams, forging technical synergies and shaping the security roadmap. Your efforts will concentrate on enhancing security and privacy aspects across our services, executing on a weekly release schedule. You will have the autonomy to propose exciting new projects for our roadmap and engage in initiatives utilizing cutting-edge technologies. Join us and contribute to transforming the cloud computing landscape.What You Will DoCollaborate with engineering and security teams to define innovative security roadmap requirements.Advocate security best practices and promote secure coding methodologies.

Join our dynamic team at Opendoor as a Software Engineer in Security Engineering. In this pivotal role, you will be responsible for designing, implementing, and maintaining robust security systems to protect our platform and user data. You will collaborate with cross-functional teams to identify vulnerabilities and develop effective security measures. If you are passionate about software development and cybersecurity, we want to hear from you!

About the Role Elastic is looking for a Senior Software Engineer to join the Security Platform Team. This position focuses on building and improving security solutions that help safeguard customer data and maintain system integrity. What You Will Do Design, develop, and enhance software for the Security Platform Work closely with teams across engineering, product, and operations Participate in code reviews to support quality and maintainability Contribute to agile development processes Location This role is open to candidates based in Canada.

About UsSophos is at the forefront of cybersecurity, delivering cutting-edge solutions designed to combat and thwart cyber threats. Following the acquisition of Secureworks in February 2025, we have merged two industry pioneers to transform the cybersecurity landscape with our innovative, AI-optimized services. As the largest dedicated provider of Managed Detection and Response (MDR), we serve over 28,000 organizations worldwide. Our comprehensive portfolio encompasses top-tier endpoint, network, email, and cloud security solutions that seamlessly integrate through the Sophos Central platform. With Secureworks' market-leading Taegis XDR/MDR, our offerings also include identity threat detection and response (ITDR), next-gen SIEM capabilities, and extensive advisory services. We protect more than 600,000 entities globally from phishing, ransomware, data breaches, and various cyber crimes, backed by real-time threat intelligence from our Sophos X-Ops and the Counter Threat Unit (CTU). Our headquarters are located in Oxford, U.K. For more details, visit www.sophos.com.Role Overview We are seeking a talented Senior Software Engineer to spearhead the product development lifecycle within our AI security team. In this role, you will be responsible for architecting and delivering AI-driven products, including LLM workflows, automation systems, and intelligent software, across both frontend and backend environments. This position offers a high degree of autonomy and encourages proactive problem-solving; you will have the opportunity to define challenges, make swift decisions, and exercise strong engineering judgment, directly influencing our approach to scaling and enhancing software solutions powered by AI.

About the Role MongoDB is looking for a Senior Software Engineer to join the Server Security team in Toronto. This group sits at the heart of MongoDB’s engineering organization, building security features that help users protect their data worldwide. The work spans core elements of the MongoDB database, with a focus on security, reliability, and performance. What You Will Work On Cryptography: Develop and maintain cryptographic features such as Queryable Encryption, at-rest encryption, and other foundational crypto components. Identity & Access: Design and improve authentication and authorization systems, manage TLS, and handle X.509 certificate processes. Network Security: Build high-performance networking protocols using PKI, hashing, and certificate revocation lists (CRLs). System Integrity: Strengthen resilience, observability, and compliance across MongoDB’s distributed database infrastructure. Team Culture The Server Security team values inclusivity, diversity, and close collaboration. Engineers here apply distributed systems concepts to advance the security of a widely used database platform. The work supports application developers, system architects, and database administrators around the globe.

About Tailscale Tailscale is revolutionizing the Internet by providing software that facilitates secure connections between individuals and their devices, regardless of their location. Our platform is utilized daily by everyone from hobbyists to multinational corporations, helping teams of all sizes safeguard their networks and access internal tools seamlessly. Founded in 2019, our fully distributed team is backed by prominent investors including Accel, CRV, Insight, Heavybit, and Uncork Capital, and we are committed to creating a sensible and safe future for the Internet.Job DescriptionWe are on the lookout for a skilled Security Software Engineer to join our product security team. This role is critical for advancing Tailscale’s mission while enhancing user safety. Candidates should possess the ability to think critically, collaborate with highly technical teams, and thrive in an asynchronous work environment.

At Vanta, we are dedicated to helping businesses cultivate and demonstrate trust by prioritizing security that is continuously monitored and verified. Our mission empowers companies to enhance their security practices and showcase their commitment effortlessly. Join our supportive and skilled team, where individuals from diverse backgrounds thrive—many have succeeded at Vanta without prior security experience.About the Role:As a key member of Vanta’s Infrastructure & Security team, you will play a vital role in building a robust platform that ensures the scalability, performance, and reliability of our core systems. With our rapidly expanding customer base, we require infrastructure that evolves alongside us, without sacrificing speed or developer efficiency. You'll engage in projects involving distributed systems, infrastructure components, and security upgrades, enabling our engineers to deliver dependable software at scale.Your contributions will significantly impact product engineering across the board. Our initiatives simplify the process for engineers to identify bugs, develop features, and provide value to our clients swiftly and securely.At Vanta, we harness modern frameworks and tools such as TypeScript, React, Node.js, MongoDB, GitHub Actions, and a variety of AWS services like Fargate and ECS to design and develop new product functionalities and infrastructure.If you're excited about the intersection of infrastructure and security, we would love to connect with you.To learn more about our team's work, visit our Vanta Engineering Blog.Your Responsibilities Will Include:Designing and constructing scalable infrastructure to facilitate rapid increases in data volume, service utilization, and engineering productivity.Leading projects concerning our cloud infrastructure, encompassing container orchestration (e.g., AWS Fargate, ECS), monitoring and alerting systems, networking, and database upkeep.Implementing and maintaining essential security infrastructures and controls, including service-to-service authentication, secrets management, application security features (e.g., rate limiting, encryption libraries), and infrastructure hardening.Identifying and resolving intricate security challenges to bolster our systems.

At Confluent, we are not just enhancing technology; we are transforming the way data is utilized. Our innovative platform enables real-time data streaming, allowing businesses to adapt swiftly, create intelligently, and offer experiences that resonate with the ever-changing world.We believe in the power of teamwork and collaboration. Our ideal candidates are those who ask challenging questions, provide constructive feedback, and support one another—no egos, no lone wolves. Just smart, inquisitive individuals working together toward a greater goal.About the Role:As a vital member of our Product Security team, you will play a crucial role in developing impactful security features for Confluent Cloud and enhancing our security platform. Your responsibilities will include designing and implementing identity and access management functionalities, along with scalable authentication and authorization methods such as OAuth, mTLS, RBAC, and ABAC. You will collaborate closely with product, engineering, and InfoSec teams to create seamless yet secure solutions, directly contributing to the enhancement of Confluent Cloud's security framework and ensuring an effortless experience for our users.What You Will Do:Lead the execution of projects independently and deploy them to production with a strong emphasis on quality and customer impact.Work collaboratively with a high-performing team and cross-functional partners to make decisions that benefit both the team and the organization.Diagnose issues, conduct root cause analysis, and enhance operations for complex problems that span multiple cloud environments.Develop clean, well-documented, and maintainable code that complies with established team standards and security best practices.Create value for customers by addressing their most challenging issues.What You Will Bring:2-5 years of relevant experience in software, product, and/or security engineering.Strong fundamentals in the design and development of distributed systems.Experience in building and managing large-scale systems in the cloud.Solid understanding of fundamental systems operations including disk, network, and operating systems.Proficiency in programming languages such as Java, Scala, C/C++, Go, or other statically typed languages.

At GitLab, we are not just an open-core software company; we are pioneers in developing the most advanced AI-powered DevSecOps Platform that serves over 100,000 organizations worldwide. Our mission is to empower individuals to contribute to and co-create the software that drives our modern world. By transforming consumers into contributors, we significantly accelerate human progress. Our platform bridges the gaps between teams and organizations, revolutionizing the possibilities in software development. Our innovative products, including Duo Enterprise and Duo Agent Platform, provide AI advantages at every phase of the Software Development Life Cycle (SDLC).We embrace AI as an essential productivity enhancer, encouraging all team members to integrate AI into their daily tasks to boost efficiency, foster innovation, and make a substantial impact. At GitLab, you will find a culture where careers thrive, innovation is celebrated, and every voice is heard. Our commitment to high performance is aligned with our core values and continuous knowledge sharing, allowing our team to reach their full potential while collaborating with industry experts to tackle complex challenges. Join us in co-creating the future as we develop technology that reshapes how software is created around the globe.Role OverviewAs the Principal Engineer for Software Supply Chain Security, you will be at the forefront of defining and executing the technical strategy that secures the construction and delivery of software on GitLab’s DevSecOps platform. You will provide architectural direction across multiple engineering teams, collaborating closely with infrastructure and CI/CD teams to fortify our pipelines, infrastructure, and access layers. Your contributions will play a critical role in shaping GitLab’s enterprise security framework within the rapidly evolving software supply chain security landscape. You will prioritize SLSA Level 3 compliance, secrets management, CI/CD security enhancements, and the foundational elements of GitLab’s global zero trust architecture. Additionally, you will mentor Staff Engineers and individual contributors, guiding essential technical decisions while acting as a key spokesperson for GitLab’s secure, mission-critical SaaS that supports millions of pipelines.Examples of our ongoing projects include:Achieving SLSA Level 3 compliance and provenance attestation across GitLab's offerings...

Join our innovative team as a Senior Sales Engineer specializing in Data & AI Security. In this dynamic role, you will leverage your technical expertise and sales acumen to provide cutting-edge solutions to our clients. You will work closely with our sales team to drive growth and enhance customer satisfaction by demonstrating the value of our advanced data protection and AI-driven security technologies.As a key player in our organization, you will engage with clients to understand their needs, deliver tailored presentations, and provide hands-on support during the implementation of our solutions. Your ability to communicate complex technical concepts to non-technical stakeholders will be crucial in helping our clients realize the full potential of our offerings.

Join Veeam Software as a Senior Sales Engineer specializing in Data & AI Security. In this pivotal role, you will leverage your expertise to drive sales and provide technical solutions that address our clients' data security challenges. You will collaborate closely with sales teams and clients to ensure that our advanced solutions meet their unique needs.

Join Movable Ink as a Product Security Engineer and play a pivotal role in safeguarding our codebases, CI/CD pipelines, and overall development practices. In this hands-on position, you'll adopt a security-first mindset while collaborating with engineering teams to streamline software delivery while minimizing risk. Your expertise will be crucial in enhancing automation processes that protect our code and infrastructure, especially in the face of rising threats from AI coding tools and supply chain attacks. This role is vital for proactively identifying and mitigating vulnerabilities before they are deployed to production.

Samsara builds Connected Operations Cloud technology that supports organizations in agriculture, construction, field services, transportation, and manufacturing. The platform uses IoT data to help these industries improve safety, efficiency, and sustainability. As a public company, Samsara empowers team members to influence the future of physical operations, offering both independence and support. Role overview The Senior Security Engineer - Enterprise Security focuses on building, operating, and maintaining security infrastructure for Samsara’s corporate environment. This position collaborates with a global engineering team to develop a security engineering program that follows current best practices. What you will do Work with stakeholders to design security solutions that balance protection with usability Develop automated alerting and response tools for security events Contribute insights on potential threats in production environments Mentor and support junior engineers within the security team Requirements Experience with a range of security technologies and practices Ability to collaborate with global engineering teams Strong communication skills for partnering with stakeholders Located in Canada within the Pacific Standard Time zone This is a fully remote position based in Canada, limited to candidates within the Pacific Standard Time zone.

Join Homebase as a Staff Security Engineer specializing in Application Security in a hybrid work environment. In this pivotal role, you will be responsible for enhancing our security posture while ensuring that our applications remain safe and secure. You will collaborate with cross-functional teams to identify vulnerabilities, implement security controls, and promote best practices in application development.We seek a proactive individual who is passionate about cybersecurity and eager to contribute to building robust security solutions. You will play a key role in shaping the security framework of our applications.

About RootlyAt Rootly, we are dedicated to transforming how organizations respond to incidents, striving to enhance reliability across all sectors. Our cutting-edge incident management platform empowers companies globally to address incidents swiftly and effectively. We're not just redefining an industry; we're pioneering a new multi-billion dollar segment and require exceptional talent to help us realize this ambitious vision.Our clients include some of the fastest-growing names in the world, such as NVIDIA, Figma, Canva, Tripadvisor, and Squarespace, who trust Rootly to streamline their critical incident management processes. They appreciate our robust, enterprise-ready platform and collaborative partnership model, consistently rating us 5 stars on G2.Our investors share our enthusiasm. Backed by prominent funds including Y Combinator, along with industry leaders from Dropbox and GitHub, we prioritize transparency in our culture. Monthly financial reviews keep our team informed about the business's health, and our weekly changelog keeps everyone updated on our developments.About the RoleAs a Senior Security Engineer, you will be instrumental in advancing our security initiatives, working closely with diverse teams to ensure the reliability and scalability of our products. You will design systems, tools, and solutions that secure our mission-critical applications while contributing to organization-wide efforts to automate, optimize, and enhance our security protocols.Develop security solutions that not only meet rigorous standards but also exceed the expectations of our developers and customers.Play a key role in vital security initiatives, including identity and access management, vulnerability management, incident response, security control implementation, and infrastructure security.Collaborate closely with engineering teams to deliver secure, reliable, and scalable solutions for our valued customers.With our expanding customer base, tackle intriguing technical challenges to scale our product effectively.Participate in the on-call rotation, swiftly addressing and resolving security incidents as they occur.