Security Engineer

• Secure the agent execution surface: Design and harden the sandboxing, isolation, and runtime controls that let Devin safely execute untrusted code and use tools across long-horizon tasks.
• Own product and infrastructure security: Lead threat modeling, secure design reviews, and vulnerability management across Devin, Windsurf, and the underlying infrastructure they run on.
• Build security tooling that engineers actually use: Create internal systems for secrets management, identity and access, dependency security, and detection that integrate naturally into how the team ships.
• Lead incident response and detection: Build the detection pipeline, run incident response, and turn every event into systemic improvements.
• Drive customer trust: Partner with go-to-market and legal teams to support compliance and customer trust initiatives. Build the controls that customers expect from a tool deeply embedded in their engineering workflow.

Do you have experience in Vulnerability management?, Do you have a Bachelor's degree?, * Deep security engineering: Hands-on experience across product security, infrastructure security, and detection and response.

• Strong software engineering fundamentals: Security at Cognition means writing real code; proficiency in Python, Rust, Go, and comfort owning complex systems codebases.
• Cloud security expertise: Practical experience securing Kubernetes, cloud platforms (AWS, GCP, or Azure), and multi-tenant compute environments.
• Web security expertise: Hands-on experience hardening complex, modern web applications.
• Threat modeling and adversarial thinking: You can look at a system and quickly identify how it breaks; you think like an attacker and design like a defender.
• Incident response: Calm, methodical, and effective under pressure; experience leading incidents end to end and driving the fixes that follow.
• Comfort with novel problem spaces: You are excited rather than intimidated by the security challenges unique to autonomous agents and AI-native developer tools.
• Relevant industry experience: Prior experience at a frontier AI lab, applied AI company, or developer tools company. You know what good looks like in this category.
• Degree from a top-tier university: BS, MS, or equivalent in Computer Science, Mathematics, Engineering, or a related technical discipline from a highly selective program.

$260,000 - $300,000 a year - Full-time, Pulled from the full job description

• Health insurance
• 401(k) matching
• Vision insurance
• Dental insurance, * Base Salary: $260,000 - $300,000 + significant early-stage equity
• Medical, Dental, Vision: Fully paid for you and your dependents
• 401(k): Company match included

Cognition is an applied AI lab building end-to-end software agents. We are behind Devin, the first AI software engineer, and Windsurf, an AI-native IDE. Our vision is AI that works alongside engineers as a genuine teammate, not a tool. We are a small, talent-dense team of competitive programmers, former founders, and researchers from Scale AI, Palantir, Cursor, Google DeepMind, and others. Role Mission Security Engineers at Cognition own one of the most interesting security surfaces in the industry. Devin executes arbitrary code on behalf of users across millions of sandboxed sessions. Windsurf operates inside developer environments at scale. Both products handle highly sensitive customer code, credentials, and infrastructure access. You will help define what security looks like for AI-native developer tools and build the controls, systems, and culture that let Cognition ship fast without compromising on safety. This is a role for engineers who want to do hands-on, high-leverage security work at the edge of what is being figured out for the first time.