Note: The job is a remote job and is open to candidates in USA. CoreWeave is The Essential Cloud for AI™, providing a platform that enables innovators to build and scale AI with confidence. The Staff Security Engineer will lead complex technical work in the Vulnerability Management program, focusing on designing and implementing scalable systems and mentoring engineers.
Responsibilities
- Lead high-complexity VM technical initiatives and deliver architecture decisions for assigned program areas
- Design and build scalable triage automation, including integrations, decision logic, and production hardening
- Implement end-to-end workflow components from assessment and detection to ticket routing and remediation tracking
- Provide deep technical leadership on hardware-adjacent vulnerabilities (GPU firmware, DPU firmware/BlueField, and BMC surfaces)
- Act as senior technical responder for embargoed disclosures and zero-day events, coordinating with owner teams that deploy fixes
- Improve prioritization logic, severity models, and exception workflows through code, design reviews, and technical proposals
- Produce actionable technical metrics and risk insights for leadership consumption
- Lead root-cause analysis for high-impact vulnerability incidents and implement durable technical improvements
- Mentor IC3/IC4/IC5 engineers through design guidance, code review, and incident coaching
- Partner with security, engineering, and operational stakeholders to improve workflow reliability and accelerate remediation outcomes
Skills
- 9+ years of relevant experience with demonstrated strategic impact in vulnerability management, application security, platform security, or cloud security engineering
- Proven track record building and scaling security automation (SOAR workflows, AI/ML systems, detection pipelines) in production environments
- Deep subject matter expertise with vulnerability management best practices: CVSS, EPSS, CISA KEV, threat intelligence integration, and risk-based prioritization frameworks
- Excellent development background with strong coding skills in Python, Go, or similar languages for building scalable, production-grade security systems
- Significant experience with modern vulnerability management tooling (for example Wiz, Semgrep, Rapid7, Tenable, or equivalent)
- Experience with specialized infrastructure: GPU/DPU environments, firmware security, hardware vulnerabilities, or high-performance computing
- Demonstrated track record mentoring engineers across levels and driving cross-functional technical initiatives at organizational scale
- Strong business acumen and understanding of how security decisions impact engineering velocity, customer trust, and business outcomes
- Practical experience building AI/ML-powered security systems (LLM integration, automated decision-making, human-in-the-loop validation) in production
- Experience managing hardware vendor security partnerships (embargoed disclosures and pre-release collaboration)
- Production experience with security automation platforms such as TINES and serverless frameworks (AWS Lambda, GCP Cloud Functions)
- Strong DevOps, DevSecOps, or SRE background with deep experience in AWS/GCP/Azure cloud services and Infrastructure as Code (Terraform, CloudFormation)
- Deep understanding of Kubernetes security (container scanning, admission controllers, supply chain security, runtime protection)
- Experience leading security programs through rapid hypergrowth (10x+ infrastructure scaling) in startup or cloud-native environments
- Practical experience managing vulnerabilities within a FedRAMP-certified environment or similar regulatory frameworks
Benefits
- Discretionary bonus
- Equity awards
- Comprehensive benefits program (all based on eligibility)
- Medical, dental, and vision insurance - 100% paid for by CoreWeave
- Company-paid Life Insurance
- Voluntary supplemental life insurance
- Short and long-term disability insurance
- Flexible Spending Account
- Health Savings Account
- Tuition Reimbursement
- Ability to Participate in Employee Stock Purchase Program (ESPP)
- Mental Wellness Benefits through Spring Health
- Family-Forming support provided by Carrot
- Paid Parental Leave
- Flexible, full-service childcare support with Kinside
- 401(k) with a generous employer match
- Flexible PTO
- Catered lunch each day in our office and data center locations
- A casual work environment
- A work culture focused on innovative disruption
- Remote work may be considered for candidates located more than 30 miles from an office, based on role requirements for specialized skill sets
Company Overview