Senior Security Engineer

Summary:
Cobalt AI uses automation to elevate physical safety and security in the workplace. Our
platform, Cobalt Monitoring Intelligence, is a hybrid AI system, cloud-hosted with edge-deployed hardware, that provides human-verified, real-time monitoring of surveillance cameras, alarms, and robots across enterprise locations.

Cobalt is seeking a Senior Security Engineer to internalize and expand our security program during a pivotal growth phase. In this role, you will collaborate with engineering leads and security advisors to manage comprehensive operations, from overseeing endpoint and cloud infrastructure to driving SOC 2 audit readiness. You will be responsible for streamlining the customer questionnaire process for Fortune 1000 engagements while maintaining the robust vulnerability management lifecycle necessary to protect our hybrid AI platform.

Responsibilities:
- Run Cobalt's endpoint and cloud asset security stack across managed laptops,
desktops, and cloud infrastructure — including EDR, vulnerability management, and
continuous compliance monitoring tooling
- Administer Cobalt's compliance automation platform as the system of record for controls
and evidence — manage personnel records, reconcile against HRIS and identity
provider data, and handle edge cases outside the primary HRIS
- Own end-to-end onboarding and offboarding security across employees, contractors,
and external partners — verify new hires complete security gating before access is
provisioned, apply the right requirements for each personnel tier, and close out access
promptly when people leave
- Triage alerts from EDR, SIEM, and the vulnerability scanner; recommend patches, file
risk acceptances, and gather evidence to close out remediations
- Co-own Cobalt's SOC 2 program — coordinate with auditors, gather evidence from
internal teams, and run control testing (SSO, IAM, change management, access
reviews) ahead of fieldwork
- Maintain Cobalt's security policies (vulnerability management, logging and monitoring,
incident response, access control), keep them current as the business evolves, and draft
new policies when we identify gaps
- Own the customer security questionnaire pipeline — partner with Sales, GTM, and
product leads to turn around SIG, CAIQ, and bespoke vendor assessments quickly and
accurately
- Run vendor security reviews for new software and services Cobalt adopts, with clear
turnaround expectations and a process the rest of the company can rely on
- Triage suspected phishing reports and serve as incident manager when something
happens — scope, contain, document, and run the postmortem
- Own annual security awareness training rollout and tracking across the company

- Partner with Engineering to secure the Cobalt Monitoring Intelligence platform at the
edge and bring security perspective into design and code review
- Support pen test engagements end-to-end: scoping, remediation tracking, and re-test
follow-up

Qualifications:
- 5+ years in a security engineering, security analyst, or IT security role at a SaaS, cloud,
or enterprise software company
- Hands-on experience running endpoint security and compliance tooling — EDR,
vulnerability management, and continuous compliance monitoring platforms — in a
regulated environment
- Strong working knowledge of SOC 2 Type II controls and direct experience supporting
an audit cycle (evidence collection, control testing, auditor coordination)
- Experience answering customer security questionnaires (SIG, CAIQ, or bespoke) with
technical accuracy and customer-friendly framing
- Proficiency with cloud security fundamentals — IAM, network controls, logging, and
common attack surfaces — plus solid scripting in Python or Bash
- BS in Computer Science, Information Security, or equivalent professional experience
- Proven experience collaborating with cross-functional teams and promoting a culture of
sharing security knowledge

Why Work for Us?:
You'll join a team of smart, dedicated engineers in an environment that doesn't take itself too seriously. The work is genuinely interesting: security robots, real-time camera streams, and powerful hardware you actually get to touch. Competitive salary, equity, and full benefits (medical, vision, dental). Flexible work arrangements. A proven platform, an expanding customer base, and the opportunity to shape the engineering org at an inflection point.

Salary Range: $160k - $190k (actual compensation will be determined based on experience, location, and other factors permitted by law)

Cobalt AI is an equal employment opportunity employer and values diversity. Qualified
candidates are considered for employment without regard to race, religion, gender, gender
identity, sexual orientation, national origin, age, military or veteran status, disability, or any other characteristic protected by applicable law.