Senior Security Engineer I, Vulnerability Management
About The Position
We are seeking a Security Engineer to join CoreWeave's Vulnerability Management team. This is an execution-focused role: you will perform hands-on triage, drive remediation follow-through, and improve day-to-day operational quality across cloud and specialized infrastructure environments. You will work closely with other security engineers to support high-priority vulnerability response, improve automation quality, and build strong security judgment. This role is ideal for engineers who want meaningful ownership, fast learning, and a clear growth path toward senior scope.
Requirements
- 3+ years of relevant experience in vulnerability management, security operations, application security, or related security engineering
- Strong understanding of vulnerability assessment fundamentals (CVSS, exploitability, risk prioritization, remediation tradeoffs)
- Hands-on experience with one or more vulnerability management platforms (for example Wiz, Rapid7, Qualys, Tenable, or equivalent)
- Proficiency in scripting/automation for workflow support (Python, Bash, or similar)
- Familiarity with cloud security concepts (AWS, GCP, Azure) and common infrastructure vulnerabilities
- Strong written and verbal communication skills for cross-functional collaboration
- Demonstrated execution ownership in operational security work
Nice To Haves
- Exposure to security automation/SOAR platforms (for example Tines, Splunk SOAR, or equivalent)
- Experience with container/Kubernetes vulnerability workflows
- Familiarity with hardware-adjacent vulnerability domains (GPU/DPU firmware, BMC/IPMI)
- Experience supporting compliance evidence collection (SOC 2, ISO 27001, FedRAMP, or similar)
- Experience in high-growth or fast-moving infrastructure environments
- Exposure to AI-assisted security workflows and human-in-the-loop validation
Responsibilities
- Perform hands-on vulnerability triage and risk assessment using team-defined standards and playbooks
- Track remediation progress with owner teams, escalate blockers, and ensure clean issue closure
- Support automated triage workflows by validating outputs and improving signal quality
- Contribute to automated remediation campaigns (for example EOL cleanup, vulnerable software upgrades, and fix verification)
- Support zero-day and embargo response by helping inventory affected assets and tracking owner-team deployment status
- Participate in incident investigations by gathering technical evidence and supporting impact analysis
- Participate in on-call rotation for critical vulnerability events
- Maintain high-quality documentation, runbooks, and operational updates
- Identify process gaps and contribute practical workflow improvements that reduce manual toil
Benefits
- Medical, dental, and vision insurance - 100% paid for by CoreWeave
- Company-paid Life Insurance
- Voluntary supplemental life insurance
- Short and long-term disability insurance
- Flexible Spending Account
- Health Savings Account
- Tuition Reimbursement
- Ability to Participate in Employee Stock Purchase Program (ESPP)
- Mental Wellness Benefits through Spring Health
- Family-Forming support provided by Carrot
- Paid Parental Leave
- Flexible, full-service childcare support with Kinside
- 401(k) with a generous employer match
- Flexible PTO
- Catered lunch each day in our office and data center locations
- A casual work environment
- A work culture focused on innovative disruption
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
