GRC Specialist

Who are we

Our mission is to scale intelligence to serve humanity. Were training and deploying frontier models for developers and enterprises who are building AI systems to power magical experiences like content generation semantic search RAG and agents. We believe that our work is instrumental to the widespread adoption of AI.

We obsess over what we build. Each one of us is responsible for contributing to increasing the capabilities of our models and the value they drive for our customers. We like to work hard and move fast to do whats best for our customers.

Cohere is a team of researchers engineers designers and more who are passionate about their craft. Each person is one of the best in the world at what they do. We believe that a diverse range of perspectives is a requirement for building great products.

Join us on our mission and shape the future!

Why this role

The Governance Risk and Compliance (GRC) team at Cohere operates as a centralized function within the Security organization leading efforts across governance risk management and compliance. This team is instrumental in reinforcing customer trust ensuring adherence to regulatory requirements and advancing robust internal governance and control practices across Cohere.

This role offers the opportunity to help build and shape Coheres compliance and governance foundation. As expectations around security privacy public sector readiness and responsible AI continue to evolve this individual will play a key role in translating complex requirements into scalable programs practical controls and durable governance processes. It is a high-impact role for someone eager to work at the intersection of security compliance technology and AI governance and to help enable responsible growth in a fast-moving environment.

This is not a purely policy-focused GRC role. Were looking for someone who can pair compliance expertise with practical technical problem-solving including automation lightweight tool building and process improvement.

What youll do

• Build implement and scale compliance programs controls and processes across frameworks and regulatory requirements including SOC 2 ISO 27001 HIPAA ISO 42001 Product Compliance and FedRAMP/DoD (others)

• Support and mature compliance efforts related AI governance including work aligned to ISO 42001 and the EU AI Act

• Drive compliance readiness for FedRAMP DoD and related public sector requirements while supporting broader enterprise and customer-facing compliance obligations

• Partner with Security Engineering Modeling Product Legal and other cross-functional teams to translate requirements into practical scalable controls

• Improve compliance operations through automation tooling and scalable workflows

• Help build scripts or lightweight tools for evidence collection reporting control tracking and audit readiness

• Manage cross-functional projects timelines remediation efforts and audit preparation

• Support audits assessments and customer or regulatory compliance requests.

What were looking for

Youll ideally have 5 years of progressive experience in the following:

• Building and scaling compliance programs across multiple frameworks and regulatory requirements including SOC 2 ISO 27001 HIPAA with extensive experience in FedRAMP DoD and public sector or highly regulated environments

• AI governance and frameworks such as ISO 42001

• Strong project management and cross-functional execution skills

• Technical fluency and comfort working with Engineering and Security teams

• Automation workflow tooling or process design; some hands-on experience with Python or similar scripting for lightweight automation is a plus

• Strong written communication organization and attention to detail.

Nice to have

• Experience designing and implementing mature risk management frameworks including FAIR quantitative risk methodologies and other structured enterprise risk models

• Consulting experience in regulated environments including multi-jurisdictional compliance programs and regulatory requirements across the U.S. and international markets

• Experience with additional frameworks such as NIST CSF NIST RMF NIST AI RMF CMMC or similar standards

• Experience working in cloud-native SaaS or highly technical product environments

• Experience preparing reports metrics and presentations for senior leadership including communicating compliance posture program progress and risk insights to executive stakeholders.

If some of the above doesnt line up perfectly with your experience we still encourage you to apply!

If some of the above doesnt line up perfectly with your experience we still encourage you to apply!

We value and celebrate diversity and strive to create an inclusive work environment for all. We welcome applicants from all backgrounds and are committed to providing equal opportunities. Should you require any accommodations during the recruitment process please submit an Accommodations Request Form and we will work together to meet your needs.

Full-Time Employees at Cohere enjoy these Perks:

An open and inclusive culture and work environment

Work closely with a team on the cutting edge of AI research

Weekly lunch stipend in-office lunches & snacks

Full health and dental benefits including a separate budget to take care of your mental health

100% Parental Leave top-up for up to 6 months

Personal enrichment benefits towards arts and culture fitness and well-being quality time and workspace improvement

Remote-flexible offices in Toronto New York San Francisco London and Paris as well as a co-working stipend

6 weeks of vacation (30 working days!)

Required Experience:

IC