CoreWeave · 14 hours ago
Senior Security Engineer, Vulnerability Management
Sunnyvale, CA
Full-time
Hybrid
Senior Level
$139K/yr - $242K/yr
7+ years expCoreWeave is The Essential Cloud for AI™, delivering a platform of technology and tools for innovators to build and scale AI with confidence. They are seeking a Senior Security Engineer to build the Vulnerability Management program that protects their AI infrastructure, focusing on architecting intelligent automation systems and solving security problems related to cloud-scale infrastructure and specialized hardware.
AI InfrastructureArtificial Intelligence (AI)Cloud ComputingCloud InfrastructureInformation TechnologyMachine Learning
No H1B
U.S. Citizen Only
Responsibilities
Build and scale AI-powered triage workflows: evaluate tools (LLM integration, TINES orchestration), architect solutions, and deploy to production
Drive intelligent, risk-based vulnerability prioritization while simultaneously training AI models—your assessments become the foundation for automation
Influence automation priorities: recommend which areas of the vulnerability pipeline would most benefit from automation to improve team efficiency
Design and implement automated detection-to-ticket pipelines: build workflows that generate vulnerability detections, test them, scale across the environment, and auto-create Jira tickets
Execute remediation campaigns: build automated workflows for EOL product removal, vulnerable software upgrades, and OS migrations at scale
Manage embargoed vendor disclosures from hardware partners, including embargo verification and zero-day response coordination
Lead security incident investigations related to high-profile vulnerabilities, coordinating cross-functional response and impact assessment
Participate in on-call rotation for rapid-response vulnerability analysis during active zero-day events or critical security incidents
Partner with IT, Infrastructure, and Engineering teams to drive remediation efforts, enforce SLAs, and escalate blockers strategically
Write daily operations reports documenting vulnerability trends, remediation velocity, and emerging threats for security leadership
Drive process improvements and workflow automation to improve operational efficiency and reduce manual toil
Qualification
Required
7+ years of relevant experience with demonstrated impact in vulnerability management, application security, platform security, or cloud security engineering
Proven hands-on experience building security automation (SOAR workflows, detection pipelines, or vulnerability prioritization frameworks)
Deep subject matter expertise with vulnerability management best practices: CVSS, EPSS, CISA KEV, exploit intelligence, and compensating controls
Strong development background with proficiency in Python, Go, or similar languages for building production-grade security tools
Experience with modern vulnerability management tooling such as Wiz, Semgrep, Rapid7, or similar platforms
Demonstrated ability to partner with cross-functional teams (IT, SRE, Engineering) to drive remediation without formal authority
Strong familiarity with common security vulnerabilities and the ability to judge their severity and business impact
Preferred
Practical experience building AI/ML-powered security workflows (LLM integration, automated triage, human-in-the-loop validation)
Experience managing hardware security vulnerabilities (GPU/DPU firmware, BMC/IPMI, specialized compute environments)
Production experience with security automation platforms such as TINES, Splunk SOAR, or serverless frameworks (AWS Lambda)
Strong DevOps, DevSecOps, or SRE background with experience in AWS/GCP/Azure cloud services and Infrastructure as Code (Terraform, CloudFormation)
Deep understanding of container security and Kubernetes (image scanning, admission control, runtime protection, supply chain security)
Experience supporting customer audits (SOC 2, ISO 27001, FedRAMP) with vulnerability evidence and control validation
Experience integrating vulnerability management into modern CI/CD pipelines with a 'shift-left' mentality
Benefits
Medical, dental, and vision insurance - 100% paid for by CoreWeave
Company-paid Life Insurance
Voluntary supplemental life insurance
Short and long-term disability insurance
Flexible Spending Account
Health Savings Account
Tuition Reimbursement
Ability to Participate in Employee Stock Purchase Program (ESPP)
Mental Wellness Benefits through Spring Health
Family-Forming support provided by Carrot
Paid Parental Leave
Flexible, full-service childcare support with Kinside
401(k) with a generous employer match
Flexible PTO
Catered lunch each day in our office and data center locations
A casual work environment
A work culture focused on innovative disruption
Company
CoreWeave
CoreWeave is a cloud-based AI infrastructure company offering GPU cloud services to simplify AI and machine learning workloads.
1001-5000 employees
Funding
Current Stage
Public CompanyTotal Funding
$26.87BKey Investors
NVIDIAGoldman Sachs,JP Morgan Chase,Morgan Stanley,MUFG Union BankJane Street Capital
2026-01-26Post Ipo Equity· $2B
2025-12-08Post Ipo Debt· $2.54B
2025-11-12Post Ipo Debt· $2.5B
Leadership Team
Michael Intrator
Chief Executive Officer
Brannin McBee
Founder & CDO
Recent News
2026-02-06
The Motley Fool
2026-02-05
Company data provided by crunchbase