Security Engineer at Cognition

📋 Description

• Secure the agent execution surface: Harden sandboxing, isolation, and runtime controls for Devin.
• Own product and infrastructure security: Lead threat modeling, secure design reviews, and vulnerability management across Devin, Windsurf, and the underlying infrastructure they run on.
• Build security tooling engineers actually use: Create internal systems for secrets management, identity and access, dependency security, and detection that integrate naturally into how the team ships.
• Lead incident response and detection: Build the detection pipeline, run incident response, and turn every event into systemic improvements.
• Drive customer trust: Partner with go-to-market and legal teams to support compliance and customer trust initiatives. Build the controls that customers expect from a tool deeply embedded in their engineering workflow.

🎯 Requirements

• Deep security engineering: Hands-on experience across product security, infrastructure security, and detection and response.
• Strong software engineering fundamentals: Proficiency in Python, Rust, Go, and owning complex systems codebases.
• Cloud security expertise: Kubernetes, cloud platforms (AWS, GCP, or Azure), and multi-tenant compute environments.
• Web security expertise: Hands-on experience hardening complex, modern web applications.
• Threat modeling and adversarial thinking: You can look at a system and quickly identify how it breaks; you think like an attacker and design like a defender.
• Incident response: Calm, methodical, and effective under pressure; experience leading incidents end to end and driving the fixes that follow.

🎁 Benefits

• Medical, Dental, Vision: Fully paid for you and your dependents.
• 401(k): Company match included.
• Perks: Private chef, cozy slippers, endless snacks, and more.