Staff Security Engineer, Vulnerability Management jobs in United States
cer-icon
Apply on Employer Site
company-logo

CoreWeave · 8 hours ago

Staff Security Engineer, Vulnerability Management

positionLivingston, NJ
timeFull-time
remoteHybrid
seniorityLead/Staff
money$188K/yr - $275K/yr
date9+ years exp

CoreWeave is The Essential Cloud for AI™, providing a platform that enables innovators to build and scale AI with confidence. The Staff Security Engineer will provide technical expertise for the Vulnerability Management program, defining strategies and overseeing automation architecture while leading cross-functional execution.

Artificial Intelligence (AI)Cloud ComputingInformation TechnologyAI InfrastructureCloud InfrastructureMachine Learning
badNo H1BnoteU.S. Citizen Onlynote

Responsibilities

Define the multi-quarter VM technical strategy and roadmap, including operating model, prioritization framework, and technical standards
Architect and scale AI-powered triage automation: evaluate vendor solutions vs. in-house development, design integration architecture, and oversee production rollout
Own end-to-end automation architecture from assessment through detection creation to remediation orchestration and ticketing
Own specialized hardware vulnerability strategy for GPU firmware, DPU firmware (BlueField), and BMC attack surfaces
Serve as primary technical point of contact for embargoed vendor disclosures and zero-day response, driving emergency patch plans with owner teams that execute deployment
Establish severity, remediation, and exception-handling standards; ensure IC3/IC4 execution aligns with risk and business priorities
Define executive-facing VM metrics, risk posture reporting, and decision cadences with Security and Engineering leadership
Lead deep technical analysis during high-profile vulnerability incidents and drive post-incident technical improvements
Mentor IC3/IC4/IC5 engineers and raise the technical bar for automation design, code quality, and security judgment
Partner with security, engineering, and operational stakeholders to drive unified workflows and unblock cross-functional delivery

Qualification

Vulnerability ManagementSecurity AutomationPythonCloud SecurityAI/ML SystemsGPU/DPU SecuritySecurity ToolingBusiness AcumenMentoringTechnical Leadership

Required

9+ years of relevant experience with demonstrated strategic impact in vulnerability management, application security, platform security, or cloud security engineering
Proven track record building and scaling security automation (SOAR workflows, AI/ML systems, detection pipelines) in production environments
Deep subject matter expertise with vulnerability management best practices: CVSS, EPSS, CISA KEV, threat intelligence integration, and risk-based prioritization frameworks
Excellent development background with strong coding skills in Python, Go, or similar languages for building scalable, production-grade security systems
Significant experience with modern vulnerability management tooling (for example Wiz, Semgrep, Rapid7, Tenable, or equivalent)
Experience with specialized infrastructure: GPU/DPU environments, firmware security, hardware vulnerabilities, or high-performance computing
Demonstrated track record mentoring engineers across levels and driving cross-functional technical initiatives at organizational scale
Strong business acumen and understanding of how security decisions impact engineering velocity, customer trust, and business outcomes

Preferred

Practical experience building AI/ML-powered security systems (LLM integration, automated decision-making, human-in-the-loop validation) in production
Experience managing hardware vendor security partnerships (embargoed disclosures and pre-release collaboration)
Production experience with security automation platforms such as TINES and serverless frameworks (AWS Lambda, GCP Cloud Functions)
Strong DevOps, DevSecOps, or SRE background with deep experience in AWS/GCP/Azure cloud services and Infrastructure as Code (Terraform, CloudFormation)
Deep understanding of Kubernetes security (container scanning, admission controllers, supply chain security, runtime protection)
Experience leading security programs through rapid hypergrowth (10x+ infrastructure scaling) in startup or cloud-native environments
Practical experience managing vulnerabilities within a FedRAMP-certified environment or similar regulatory frameworks

Benefits

Medical, dental, and vision insurance - 100% paid for by CoreWeave
Company-paid Life Insurance
Voluntary supplemental life insurance
Short and long-term disability insurance
Flexible Spending Account
Health Savings Account
Tuition Reimbursement
Ability to Participate in Employee Stock Purchase Program (ESPP)
Mental Wellness Benefits through Spring Health
Family-Forming support provided by Carrot
Paid Parental Leave
Flexible, full-service childcare support with Kinside
401(k) with a generous employer match
Flexible PTO
Catered lunch each day in our office and data center locations
A casual work environment
A work culture focused on innovative disruption

Company

CoreWeave

twittertwittertwitter
company-logo
CoreWeave is a cloud-based AI infrastructure company offering GPU cloud services to simplify AI and machine learning workloads.
dateFounded in 2017
location
Livingston, New Jersey, USA
people-size1001-5000 employees
web-link
https://www.coreweave.com

Funding

Current Stage
Public Company
Total Funding
$26.87B
Key Investors
NVIDIAGoldman Sachs,JP Morgan Chase,Morgan Stanley,MUFG Union BankJane Street Capital
2026-01-26Post Ipo Equity· $2B
2025-12-08Post Ipo Debt· $2.54B
2025-11-12Post Ipo Debt· $2.5B

Leadership Team

leader-logo
Michael Intrator
Chief Executive Officer
linkedin
leader-logo
Brannin McBee
Founder & CDO
linkedin

Recent News

Inc42 Media
India’s Neocloud Players Ride The Sovereign AI Wave
2026-02-09
Analytics Insight: Latest AI, Crypto, Tech News & Analysis
Bitcoin and Ether Drop Exposes Risks for Treasuries, ETFs, and Crypto Miners
2026-02-08
The Motley Fool
Is Applied Digital Stock a Buy Now?
2026-02-08
Company data provided by crunchbase