Senior Manager, Security Engineering, Vulnerability Management

About The Position

Requirements

• Experience establishing and maintaining a vulnerability management program at scale
• Ability to drive a team of vulnerability security engineers and analysts to focus on identifying, triaging, and assisting in remediating vulnerabilities
• Ability to risk assess and distinguish what a critical or high impacting vulnerability is within CoreWeave's environment and drive appropriate remediations across multiple engineering and IT teams when necessary
• Knowledge and experience with the identification and remediation of CVEs within a large infrastructure deployment
• Extensive experience with Linux OS environments
• Hands-on experience managing security tool servers in a large environment, including routine Linux and Windows patching and application patching/upgrades
• Experience managing/troubleshooting server, workstation, local EDR, anti-virus software, and log analysis as it relates to security compliance
• Strong technical background and experience with cyber tooling

Nice To Haves

• Experience operating and maintaining enterprise-level information security tools
• Proven experience in Systems Administration, including server & workstation troubleshooting
• Knowledge and experience with cloud-based infrastructures and network concepts/protocols
• Familiarity with Linux operating systems
• Security+, Network+ certifications
• Experience with container orchestration technologies such as Kubernetes
• Familiarity with sending Requests for Proposals (RFPs) for new cyber tooling
• Experience creating and presenting technical strategies and solution recommendations
• Experience designing, implementing, and integrating new technologies into existing portfolios
• Experience collaborating with cross-functional teams, including engineering
• Any of the following certifications: GREM, GPEN, GCED, CEH, GSEC, OSCP

Responsibilities

• Create and oversee the execution of vulnerability management policies and procedures (e.g. patching)
• Establish and meet Service Level Objectives for both enterprise security and product impacting vulnerabilities
• Create and ensure adherence to procedures for notifying both the business and clients (where applicable) about risk and impacts from security vulnerabilities
• Communicate and coordinate with other teams to triage and remediate vulnerabilities in first and third-party software and software dependencies
• Act as a liaison between other teams (Hardware, Application Security, Offensive Security) to appropriately assign, follow, and close security tickets

Benefits

• Medical, dental, and vision insurance - 100% paid for by CoreWeave
• Company-paid Life Insurance
• Voluntary supplemental life insurance
• Short and long-term disability insurance
• Flexible Spending Account
• Health Savings Account
• Tuition Reimbursement
• Ability to Participate in Employee Stock Purchase Program (ESPP)
• Mental Wellness Benefits through Spring Health
• Family-Forming support provided by Carrot
• Paid Parental Leave
• Flexible, full-service childcare support with Kinside
• 401(k) with a generous employer match
• Flexible PTO
• Catered lunch each day in our office and data center locations
• A casual work environment
• A work culture focused on innovative disruption