About the position
We are seeking a Security Engineer to join CoreWeave's Vulnerability Management team. This is an execution-focused role: you will perform hands-on triage, drive remediation follow-through, and improve day-to-day operational quality across cloud and specialized infrastructure environments.
You will work closely with other security engineers to support high-priority vulnerability response, improve automation quality, and build strong security judgment. This role is ideal for engineers who want meaningful ownership, fast learning, and a clear growth path toward senior scope.
Responsibilities
• Perform hands-on vulnerability triage and risk assessment using team-defined standards and playbooks
• Track remediation progress with owner teams, escalate blockers, and ensure clean issue closure
• Support automated triage workflows by validating outputs and improving signal quality
• Contribute to automated remediation campaigns (for example EOL cleanup, vulnerable software upgrades, and fix verification)
• Support zero-day and embargo response by helping inventory affected assets and tracking owner-team deployment status
• Participate in incident investigations by gathering technical evidence and supporting impact analysis
• Participate in on-call rotation for critical vulnerability events
• Maintain high-quality documentation, runbooks, and operational updates
• Identify process gaps and contribute practical workflow improvements that reduce manual toil
Requirements
• 3+ years of relevant experience in vulnerability management, security operations, application security, or related security engineering
• Strong understanding of vulnerability assessment fundamentals (CVSS, exploitability, risk prioritization, remediation tradeoffs)
• Hands-on experience with one or more vulnerability management platforms (for example Wiz, Rapid7, Qualys, Tenable, or equivalent)
• Proficiency in scripting/automation for workflow support (Python, Bash, or similar)
• Familiarity with cloud security concepts (AWS, GCP, Azure) and common infrastructure vulnerabilities
• Strong written and verbal communication skills for cross-functional collaboration
• Demonstrated execution ownership in operational security work
Nice-to-haves
• Exposure to security automation/SOAR platforms (for example Tines, Splunk SOAR, or equivalent)
• Experience with container/Kubernetes vulnerability workflows
• Familiarity with hardware-adjacent vulnerability domains (GPU/DPU firmware, BMC/IPMI)
• Experience supporting compliance evidence collection (SOC 2, ISO 27001, FedRAMP, or similar)
• Experience in high-growth or fast-moving infrastructure environments
• Exposure to AI-assisted security workflows and human-in-the-loop validation
Benefits
• Medical, dental, and vision insurance - 100% paid for by CoreWeave
• Company-paid Life Insurance
• Voluntary supplemental life insurance
• Short and long-term disability insurance
• Flexible Spending Account
• Health Savings Account
• Tuition Reimbursement
• Ability to Participate in Employee Stock Purchase Program (ESPP)
• Mental Wellness Benefits through Spring Health
• Family-Forming support provided by Carrot
• Paid Parental Leave
• Flexible, full-service childcare support with Kinside
• 401(k) with a generous employer match
• Flexible PTO
• Catered lunch each day in our office and data center locations
• A casual work environment
• A work culture focused on innovative disruption
Apply Now
Apply Now