Staff Security Engineer, Vulnerability Management

What Youll Do:

We are seeking a Staff Security Engineer to lead the most complex technical work in CoreWeaves Vulnerability Management program. You will design and implement scalable triage prioritization and remediation-tracking systems across application infrastructure and hardware domains. You will set technical standards drive high-impact initiatives and mentor engineers through technical leadership while partnering with leadership on priorities and execution risks.

About the role:

• Lead high-complexity VM technical initiatives and deliver architecture decisions for assigned program areas
• Design and build scalable triage automation including integrations decision logic and production hardening
• Implement end-to-end workflow components from assessment and detection to ticket routing and remediation tracking
• Provide deep technical leadership on hardware-adjacent vulnerabilities (GPU firmware DPU firmware/BlueField and BMC surfaces)
• Act as senior technical responder for embargoed disclosures and zero-day events coordinating with owner teams that deploy fixes
• Improve prioritization logic severity models and exception workflows through code design reviews and technical proposals
• Produce actionable technical metrics and risk insights for leadership consumption
• Lead root-cause analysis for high-impact vulnerability incidents and implement durable technical improvements
• Mentor IC3/IC4/IC5 engineers through design guidance code review and incident coaching
• Partner with security engineering and operational stakeholders to improve workflow reliability and accelerate remediation outcomes

Who You Are:

• 9 years of relevant experience with demonstrated strategic impact in vulnerability management application security platform security or cloud security engineering
• Proven track record building and scaling security automation (SOAR workflows AI/ML systems detection pipelines) in production environments
• Deep subject matter expertise with vulnerability management best practices: CVSS EPSS CISA KEV threat intelligence integration and risk-based prioritization frameworks
• Excellent development background with strong coding skills in Python Go or similar languages for building scalable production-grade security systems
• Significant experience with modern vulnerability management tooling (for example Wiz Semgrep Rapid7 Tenable or equivalent)
• Experience with specialized infrastructure: GPU/DPU environments firmware security hardware vulnerabilities or high-performance computing
• Demonstrated track record mentoring engineers across levels and driving cross-functional technical initiatives at organizational scale
• Strong business acumen and understanding of how security decisions impact engineering velocity customer trust and business outcomes

Preferred:

• Practical experience building AI/ML-powered security systems (LLM integration automated decision-making human-in-the-loop validation) in production
• Experience managing hardware vendor security partnerships (embargoed disclosures and pre-release collaboration)
• Production experience with security automation platforms such as TINES and serverless frameworks (AWS Lambda GCP Cloud Functions)
• Strong DevOps DevSecOps or SRE background with deep experience in AWS/GCP/Azure cloud services and Infrastructure as Code (Terraform CloudFormation)
• Deep understanding of Kubernetes security (container scanning admission controllers supply chain security runtime protection)
• Experience leading security programs through rapid hypergrowth (10x infrastructure scaling) in startup or cloud-native environments
• Practical experience managing vulnerabilities within a FedRAMP-certified environment or similar regulatory frameworks

The base salary range for this role is $188000 to $275000. The starting salary will be determined based on job-related knowledge skills experience and market location. We strive for both market alignment and internal equity when determining addition to base salary our total rewards package includes a discretionary bonus equity awards and a comprehensive benefits program (all based on eligibility).