Security Engineer, Vulnerability Management
CoreWeave is a specialized cloud provider focused on GPU accelerated use cases including VFX, AI/ML, Batch Processing and Real Time Experiences. We support countless AI/ML services in the text to image, NLP and broader AI/ML space, reducing client’s infrastructure management requirements with our Kubernetes based serverless GPU cloud offerings.
Job Description
About this Role:
The Vulnerability Management Team at CoreWeave is responsible for shepherding security findings from discovery through closure across a diverse set of technologies. As a member of the Vulnerability Management Team, you will directly help our business understand how vulnerabilities affect our technology stack, employees, partners, vendors, and customers while helping to build and improve our vulnerability management tools, processes, and procedures.
Core Responsibilities:
- Helping stakeholders within CoreWeave understand how security vulnerabilities affect the organization while effectively and accurately articulating their impact and importance
- Influence and help prioritize the remediation of vulnerabilities using CoreWeave’s vulnerability remediation tools and processes
- Identify and help remediate visibility gaps related to vulnerability identification and triaging
- Own the expedited vulnerability triaging process to ensure time-sensitive issues are adequately remediated
- Assist in creating external vulnerability notifications related to the CoreWeave technology stack
- Provide process and procedure improvements to increase CoreWeave’s ability to react to newly discovered and/or published vulnerabilities affecting both our customers and employees
Minimum Qualifications & Experience:
- 3+ years of proven experience working in an vulnerability management and/or offensive security capacity (e.g. penetration testing, red teaming, or vulnerability assessment)
- Competency with a modern programming or scripting language (GoLang, Python, Bash, etc.)
- Experience administering fleets of Mac, iOS, Linux, and/or Windows systems (bonus if you have experience with several)
- A strong understanding of Linux operating system internals
- Experience working in a vulnerability management / remediation role
Highly Desirable:
- Experience with using Kubernetes
- Proficiency with using scripting languages to manage fleets of end-user systems
- Experience influencing remediation strategy using a data-driven approach =
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $160,000-$185,000. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience.
Hybrid Workplace
Successful candidates will be expected to attend onboarding training at our NJ Headquarters within their first several weeks of employment, with subsequent quarterly travel requirements of 1 week duration.
If you reside within a 30-mile radius of our New Jersey, New York, or Philadelphia offices, we're excited for you to join us at the office at least three times a week, recognizing the significance we place on fostering connections, collaboration, and creativity within our office culture. Our commitment to operating as a hybrid workplace underscores our dedication to enabling our employees to tailor their work-life balance to their individual preferences.
CoreWeave is a specialized cloud provider, delivering a massive scale of GPU compute resources on top of the industry’s fastest and most flexible infrastructure. CoreWeave builds cloud solutions for compute intensive use cases — VFX and rendering, machine learning and AI, batch processing, and Pixel Streaming — that are up to 35 times faster and 80% less expensive than the large, generalized public clouds. Learn more at www.coreweave.com.
About this Role:
The Vulnerability Management Team at CoreWeave is responsible for shepherding security findings from discovery through closure across a diverse set of technologies. As a member of the Vulnerability Management Team, you will directly help our business understand how vulnerabilities affect our technology stack, employees, partners, vendors, and customers while helping to build and improve our vulnerability management tools, processes, and procedures.
Core Responsibilities:
- Helping stakeholders within CoreWeave understand how security vulnerabilities affect the organization while effectively and accurately articulating their impact and importance
- Influence and help prioritize the remediation of vulnerabilities using CoreWeave’s vulnerability remediation tools and processes
- Identify and help remediate visibility gaps related to vulnerability identification and triaging
- Own the expedited vulnerability triaging process to ensure time-sensitive issues are adequately remediated
- Assist in creating external vulnerability notifications related to the CoreWeave technology stack
- Provide process and procedure improvements to increase CoreWeave’s ability to react to newly discovered and/or published vulnerabilities affecting both our customers and employees
Minimum Qualifications & Experience:
- 3+ years of proven experience working in an vulnerability management and/or offensive security capacity (e.g. penetration testing, red teaming, or vulnerability assessment)
- Competency with a modern programming or scripting language (GoLang, Python, Bash, etc.)
- Experience administering fleets of Mac, iOS, Linux, and/or Windows systems (bonus if you have experience with several)
- A strong understanding of Linux operating system internals
- Experience working in a vulnerability management / remediation role
Highly Desirable:
- Experience with using Kubernetes
- Proficiency with using scripting languages to manage fleets of end-user systems
- Experience influencing remediation strategy using a data-driven approach =
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $160,000-$185,000. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience.
Hybrid Workplace
Successful candidates will be expected to attend onboarding training at our NJ Headquarters within their first several weeks of employment, with subsequent quarterly travel requirements of 1 week duration.
If you reside within a 30-mile radius of our New Jersey, New York, or Philadelphia offices, we're excited for you to join us at the office at least three times a week, recognizing the significance we place on fostering connections, collaboration, and creativity within our office culture. Our commitment to operating as a hybrid workplace underscores our dedication to enabling our employees to tailor their work-life balance to their individual preferences.