GRC Analyst
Job Description
Who are we?
Our mission is to scale intelligence to serve humanity. We’re training and deploying frontier models for developers and enterprises who are building AI systems to power magical experiences like content generation, semantic search, RAG, and agents. We believe that our work is instrumental to the widespread adoption of AI.
We obsess over what we build. Each one of us is responsible for contributing to increasing the capabilities of our models and the value they drive for our customers. We like to work hard and move fast to do what’s best for our customers.
Cohere is a team of researchers, engineers, designers, and more, who are passionate about their craft. Each person is one of the best in the world at what they do. We believe that a diverse range of perspectives is a requirement for building great products.
Join us on our mission and shape the future!
About the Role:
As a GRC Analyst at Cohere, you will be at the forefront of protecting our Enterprise AI solutions, managing technology and security risks, and supporting compliance initiatives. Your role is critical in maintaining the integrity of Cohere’s internal control environment. Collaborating with cross-functional teams—including Engineering, Security, IT, Legal, Sales, and others—you will uphold our compliance standards, grow to be a trusted advisor, facilitate audits, and drive continuous improvement of Cohere’s GRC program.
This is a unique opportunity to join a key player in the rapidly evolving AI industry, where enterprise adoption is soaring. Cohere is at the forefront of this transformative moment, and we’re seeking proactive, go-getter candidates who are ready to dive into every GRC-related initiative. While experience is valuable, we also prioritize enthusiasm and a hands-on attitude, as you’ll be deeply involved in shaping and executing our GRC efforts. Join us and play a pivotal role in securing Cohere’s future in AI.
Key Responsibilities:
Develop and Enhance the GRC Program: Assist in the creation, implementation, and ongoing maintenance of Cohere’s Governance, Risk, and Compliance (GRC) program.
Align Security Measures with Frameworks: Evaluate Cohere’s comprehensive security measures to ensure alignment with industry standards such as NIST 800-171, ISO 27001, SOC 2, and regulatory requirements.
Implement Tailored Risk Controls: Support the design and deployment of risk mitigation controls specific to Cohere’s unique AI and data processing environment.
Conduct Control Assessments and Audits: Assist in executing internal audits and control assessments to ensure compliance with internal policies, regulatory mandates, and customer requirements.
Perform Third-Party Risk Assessments: Collaborate with cross-functional teams to evaluate risks associated with third-party vendors and partners.
Maintain GRC Documentation: Ensure policies, standards, and procedures are regularly updated and accurately reflect Cohere’s GRC practices.
Support Risk Management: Identify, assess, track, and report risks to strengthen Cohere’s Risk Management program.
Respond to External Inquiries: Address questions from customers, auditors, partners, and other stakeholders regarding Cohere’s security program.
Monitor Regulatory and Industry Trends: Stay informed on emerging regulations and best practices, recommending adjustments to the GRC program as needed.
Report GRC Metrics: Collect, analyze, and present key performance metrics for GRC initiatives, providing actionable insights to leadership and stakeholders.
You May Be a Good Fit If:
You have 1+ years of experience in Governance, Risk, and Compliance roles, with a focus on security and data privacy in AI or technology-driven SaaS environments.
You have written technical policies, procedures, and standards with a focus on security.
You are familiar with various frameworks (e.g., NIST, ISO 27001, ISO 42001) and compliance regulations (HIPAA, GDPR, CCPA, EU AI Act).
You have an understanding of cloud security concepts and industry best practices, particularly in AI and data-intensive environments.
You have some exposure to scripting (e.g., Python, PowerShell) to automate recurring tasks and streamline GRC processes.
You thrive in ambiguous environments, making informed decisions with limited data and adapting quickly to evolving regulatory landscapes.
You can communicate complex compliance concepts clearly to both technical and non-technical audiences, building trust and alignment across teams.
You have excellent written and verbal communication skills, with the ability to create and present reports, policies, and recommendations effectively.
Note: This post is co-authored by both Cohere humans and Cohere technology.
If some of the above doesn’t line up perfectly with your experience, we still encourage you to apply! If you want to work really hard on a glorious mission with teammates that want the same thing, Cohere is the place for you.
We value and celebrate diversity and strive to create an inclusive work environment for all. We welcome applicants from all backgrounds and are committed to providing equal opportunities. Should you require any accommodations during the recruitment process, please submit an Accommodations Request Form, and we will work together to meet your needs.
Full-Time Employees at Cohere enjoy these Perks:
🤝 An open and inclusive culture and work environment
🧑‍💻 Work closely with a team on the cutting edge of AI research
🍽 Weekly lunch stipend, in-office lunches & snacks
🦷 Full health and dental benefits, including a separate budget to take care of your mental health
🐣 100% Parental Leave top-up for 6 months for employees based in Canada, the US, and the UK
🎨 Personal enrichment benefits towards arts and culture, fitness and well-being, quality time, and workspace improvement
🏙 Remote-flexible, with offices in Toronto, New York, San Francisco and London, and a co-working stipend
✈️ 6 weeks of vacation