Federal Compliance, Security Technical Program Manager
About The Position
The CISO organization at CoreWeave is responsible for executing and delivering security, trust, and assurance across our products, platforms, and operations. Within this organization, the Federal Security Compliance team is building the foundation to align CoreWeave’s governance, risk, and compliance (GRC) environment with U.S. federal cybersecurity requirements. About the Role: As a Federal Compliance, Security Technical Program Manager , you will be a founding member of this newly established team, leading the governance and compliance programs that align CoreWeave’s cloud infrastructure and product offerings to U.S. government security standards. You will bridge the gap between compliance and engineering—translating frameworks like FedRAMP, NIST RMF, and DoD SRG into actionable technical requirements. This is a hands-on, highly technical role that will have direct impact on CoreWeave’s ability to achieve federal certifications, strengthen customer trust, and scale securely across products and environments.
Requirements
- 6+ years of experience in cybersecurity, audit, or compliance, including 4+ years directly supporting federal security programs (FedRAMP High/Moderate, NIST RMF)
- Proven experience authoring System Security Plans (SSP) , managing POA&Ms , and coordinating assessments with 3PAOs and agency representatives
- Deep understanding of NIST SP 800-53 Rev. 5 , SP 800-37 (RMF) , and SP 800-137 (ISCM) , with the ability to apply controls within modern cloud architectures
- Demonstrated experience managing FedRAMP Continuous Monitoring (ConMon) deliverables, vulnerability and patch SLAs, and Significant Change Requests
- Hands-on experience working in multi-cloud environments (AWS GovCloud, Azure Government, or Google Public Sector)
- Strong technical literacy with the ability to translate compliance requirements into engineering tasks, architecture documentation, and control validation
- CISSP or CISA (required)
Nice To Haves
- Experience working with or maintaining OSCAL-based documentation pipelines and validation tools
- Prior experience supporting DoD IL4/IL5 workloads (Cloud SRG, SCCA, FedRAMP+)
- Familiarity with Kubernetes (EKS/AKS/GKE) and container security (image signing, SBOMs, admission controls)
- Understanding of NIST AI RMF and OMB M-25-21 policy guidance
- Additional certifications such as CISM , CMMC RP , or equivalent
Benefits
- Medical, dental, and vision insurance - 100% paid for by CoreWeave
- Company-paid Life Insurance
- Voluntary supplemental life insurance
- Short and long-term disability insurance
- Flexible Spending Account
- Health Savings Account
- Tuition Reimbursement
- Ability to Participate in Employee Stock Purchase Program (ESPP)
- Mental Wellness Benefits through Spring Health
- Family-Forming support provided by Carrot
- Paid Parental Leave
- Flexible, full-service childcare support with Kinside
- 401(k) with a generous employer match
- Flexible PTO
- Catered lunch each day in our office and data center locations
- A casual work environment
- A work culture focused on innovative disruption
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
Number of Employees
501-1,000 employees
