Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Staff Security Engineer, Vulnerability Management

$188k - $275k
Full-time

CoreWeave

CoreWeave is The Essential Cloud for AI™. Built for pioneers by pioneers, CoreWeave delivers a platform of technology, tools, and teams that enables innovators to build and scale AI with confidence. Trusted by leading AI labs, startups, and global enterprises, CoreWeave combines superior infrastructure performance with deep technical expertise to accelerate breakthroughs and turn compute into capability. Founded in 2017, CoreWeave became a publicly traded company (Nasdaq: CRWV) in March 2025. Learn more at [ What You’ll Do: We are seeking a Staff Security Engineer to lead the most complex technical work in CoreWeave’s Vulnerability Management program. You will design and implement scalable triage, prioritization, and remediation-tracking systems across application, infrastructure, and hardware domains. You will set technical standards, drive high-impact initiatives, and mentor engineers through technical leadership, while partnering with leadership on priorities and execution risks. About the role: * Lead high-complexity VM technical initiatives and deliver architecture decisions for assigned program areas * Design and build scalable triage automation, including integrations, decision logic, and production hardening * Implement end-to-end workflow components from assessment and detection to ticket routing and remediation tracking * Provide deep technical leadership on hardware-adjacent vulnerabilities (GPU firmware, DPU firmware/BlueField, and BMC surfaces) * Act as senior technical responder for embargoed disclosures and zero-day events, coordinating with owner teams that deploy fixes * Improve prioritization logic, severity models, and exception workflows through code, design reviews, and technical proposals * Produce actionable technical metrics and risk insights for leadership consumption * Lead root-cause analysis for high-impact vulnerability incidents and implement durable technical improvements * Mentor IC3/IC4/IC5 engineers through design guidance, code review, and incident coaching * Partner with security, engineering, and operational stakeholders to improve workflow reliability and accelerate remediation outcomes Who You Are: * 9+ years of relevant experience with demonstrated strategic impact in vulnerability management, application security, platform security, or cloud security engineering * Proven track record building and scaling security automation (SOAR workflows, AI/ML systems, detection pipelines) in production environments * Deep subject matter expertise with vulnerability management best practices: CVSS, EPSS, CISA KEV, threat intelligence integration, and risk-based prioritization frameworks * Excellent development background with strong coding skills in Python, Go, or similar languages for building scalable, production-grade security systems * Significant experience with modern vulnerability management tooling (for example Wiz, Semgrep, Rapid7, Tenable, or equivalent) * Experience with specialized infrastructure: GPU/DPU environments, firmware security, hardware vulnerabilities, or high-performance computing * Demonstrated track record mentoring engineers across levels and driving cross-functional technical initiatives at organizational scale * Strong business acumen and understanding of how security decisions impact engineering velocity, customer trust, and business outcomes Preferred: * Practical experience building AI/ML-powered security systems (LLM integration, automated decision-making, human-in-the-loop validation) in production * Experience managing hardware vendor security partnerships (embargoed disclosures and pre-release collaboration) * Production experience with security automation platforms such as TINES and serverless frameworks (AWS Lambda, GCP Cloud Functions) * Strong DevOps, DevSecOps, or SRE background with deep experience in AWS/GCP/Azure cloud services and Infrastructure as Code (Terraform, CloudFormation) * Deep understanding of Kubernetes security (container scanning, admission controllers, supply chain security, runtime protection) * Experience leading security programs through rapid hypergrowth (10x+ infrastructure scaling) in startup or cloud-native environments * Practical experience managing vulnerabilities within a FedRAMP-certified environment or similar regulatory frameworks Why CoreWeave? At CoreWeave, we work hard, have fun, and move fast! We’re in an exciting stage of hyper-growth that you will not want to miss out on. We’re not afraid of a little chaos, and we’re constantly learning. Our team cares deeply about how we build our product and how we work together, which is represented through our core values:

  • Be Curious at Your Core
  • Act Like an Owner
  • Empower Employees
  • Deliver Best-in-Class Client Experiences
  • Achieve More Together
We support and encourage an entrepreneurial outlook and independent thinking. We foster an environment that encourages collaboration and enables the development of innovative solutions to complex problems. As we get set for takeoff, the organization's growth opportunities are constantly expanding. You will be surrounded by some of the best talent in the industry, who will want to learn from you, too. Come join us! The base salary range for this role is $188,000 to $275,000. The starting salary will be determined based on job-related knowledge, skills, experience, and market location. We strive for both market alignment and internal equity when determining compensation. In addition to base salary, our total rewards package includes a discretionary bonus, equity awards, and a comprehensive benefits program (all based on eligibility). What We Offer The range we’ve posted represents the typical compensation range for this role. To determine actual compensation, we review the market rate for each candidate which can include a variety of factors. These include qualifications, experience, interview performance, and location. In addition to a competitive salary, we offer a variety of benefits to support your needs. The benefits below reflect our US-based offerings; for roles in other locations, benefits vary and are shared during the hiring process. These include:
  • Medical, dental, and vision insurance - 100% paid for by CoreWeave
  • Company-paid Life Insurance
  • Voluntary supplemental life insurance
  • Short and long-term disability insurance
  • Flexible Spending Account
  • Health Savings Account
  • Tuition Reimbursement
  • Ability to Participate in Employee Stock Purchase Program (ESPP)
  • Mental Wellness Benefits through Spring Health
  • Family-Forming support provided by Carrot
  • Paid Parental Leave
  • Flexible, full-service childcare support with Kinside
  • 401(k) with a generous employer match
  • Flexible PTO
  • Catered lunch each day in our office and data center locations
  • A casual work environment
  • A work culture focused on innovative disruption
California Applicants California Consumer Privacy Act [ Equal Opportunity & Accommodations CoreWeave is an equal opportunity employer, committed to fostering an inclusive and supportive workplace. All qualified applicants and candidates will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information. As part of this commitment and consistent with the Americans with Disabilities Act (ADA) [ CoreWeave will ensure that qualified applicants and candidates with disabilities are provided reasonable accommodations for the hiring process, unless such accommodation would cause an undue hardship. If reasonable accommodation is needed, please contact: View email address on click.appcast.io [View email address on click.appcast.io]. Export Control Compliance This position requires access to export controlled information. To conform to U.S. Government export regulations applicable to that information, applicant must either be (A) a U.S. person, defined as a (i) U.S. citizen or national, (ii) U.S. lawful permanent resident (green card holder), (iii) refugee under 8 U.S.C. § 1157, or (iv) asylee under 8 U.S.C. § 1158, (B) eligible to access the export controlled information without a required export authorization, or (C) eligible and reasonably likely to obtain the required export authorization from the applicable U.S. government agency. CoreWeave may, for legitimate business reasons, decline to pursue any export licensing process.

Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Staff Security Engineer, Vulnerability Management in New York, NY vacancy
  • $115.5k - $165k

     ..., efficient, resilient, and secure. Our cloud native Zero Trust...  ...future of cybersecurity. Our Engineering team built the world’s...  ...(e.g., Tenable.sc / Nessus Manager or similar) Building Python/...  ...be maintained) 5+ years in Vulnerability Management or Security Engineering... 
    Suggested
    Work at office
    Local area
    Worldwide

    Framework Ventures

    New York, NY
    4 days ago
  • CGI Njoyn is seeking a Senior Security Engineer to lead a dedicated vulnerability management practice within a significant banking environment. The role demands hands-on involvement with visible impacts, supported by a delivery team. Qualified candidates should have over... 
    Suggested

    CGI Njoyn

    New York, NY
    5 days ago
  • $100k - $125k

    The Linux Foundation Co is seeking an OSS-SIRT Engineer to support vulnerability management operations. The role involves triaging reports, validating data...  .... Candidates should have 2-5 years of experience in security engineering or open source development and possess strong... 
    Suggested

    Linux Foundation Co

    New York, NY
    2 days ago
  • $204k - $240k

    Etsy, Inc. is looking for a seasoned security professional in New York to lead incident response initiatives and strengthen detection...  ...and cloud technologies. The position also involves mentoring engineers and working closely on security projects. We offer a competitive... 
    Suggested

    Etsy, Inc.

    New York, NY
    1 day ago
  • Apollo GraphQL is looking for a Staff Security Engineer to enhance API security and lead detection and response for our platform. You will ensure the protection of products through active collaboration with engineering teams, establishing security standards, and embedding... 
    Suggested

    Apollo GraphQL

    New York, NY
    4 days ago
  • $78k - $135k

    Coalfire, located in Chicago, Illinois, is seeking a Vulnerability Management professional to oversee the lifecycle of security programs and manage compliance with key frameworks. Ideal candidates will have 3-5 years of experience in security operations and a strong understanding... 

    Coalfire-

    New York, NY
    2 days ago
  • of SVP, Vulnerability Management & Cloud Security Posture Platform Engineering New York, NY, United States and 2 more Job Description We’re seeking a team member for the role of SVP, Vulnerability Management & Cloud Security Posture Platform Engineering to join our Cybersecurity... 
    Work experience placement
    Worldwide
    Flexible hours

    BNY Mellon

    New York, NY
    3 days ago
  • $180k - $220k

     ...direction and execution of security initiatives that...  ..., and develop senior engineers toward the next level...  ...remediate security vulnerabilities with discernment using...  ...senior engineers toward Staff-level behaviors; your...  ...identity and access management, network segmentation... 
    Work at office
    Immediate start
    Flexible hours

    Order

    New York, NY
    1 day ago
  •  ...like a regular. Reporting to the Security Engineering Director, the Staff Security Engineer will act as...  ...safe by identifying and mitigating vulnerabilities and risks by providing actionable...  ...services, security awareness, provider management and the ongoing testing of those... 
    Remote work

    Olo

    New York, NY
    4 days ago
  •  ...Description Insight Global is seeking a Vulnerability Analyst to support and supplement Natixis's existing Vulnerability Patch Management (VPM) team. This is a consulting engagement...  ...and KRIs (Key Risk Indicators) for a security or risk program. Relevant certifications... 
    Work at office
    Immediate start
    Shift work

    Insight Global

    New York, NY
    3 days ago
  •  ...Advisors, representing a well-known Financial Services Company, is seeking a Sr. Cyber Security Analyst in New York, NY. This role involves driving the entire vulnerability patch management lifecycle, collaborating with IT stakeholders, and ensuring compliance with... 

    Phyton Talent Advisors

    New York, NY
    1 day ago
  • $100k - $300k

    Cogent-Security, located in San Francisco, is looking for a Security Lead who will serve as a key architect...  ...will have over 10 years of experience in security engineering, a deep understanding of vulnerability management, and proficiency in Python. We aim to foster an... 

    Cogent-Security

    New York, NY
    3 days ago
  • QUANTEAM - North America (RAINBOW PARTNERS Group) is seeking a Vulnerability & Patch Management Analyst to join their New York team. The successful candidate will manage the end-to-end VPM program, working closely with network teams and IT stakeholders in a global financial... 

    QUANTEAM - North America (RAINBOW PARTNERS Group)

    New York, NY
    5 days ago
  • Overstory is looking for a talented Senior Security Engineer to enhance the company's security and compliance posture. The ideal candidate will lead security initiatives across vulnerability management, compliance, and security operations while collaborating with various... 
    Remote work
    Flexible hours

    Overstory

    New York, NY
    4 days ago
  •  ...technology company in the United States is seeking a Senior Security Engineer to enhance the security of their SaaS platform and...  ...frameworks like SOC 2. You will be responsible for conducting vulnerability assessments, securing cloud deployments, and leading security... 
    Remote job

    Orbis Group

    New York, NY
    4 days ago
  • Asana is seeking a Security Engineer, Threat Response in New York City to ensure the security of employees and customers. You will lead incident response and vulnerability management strategies, collaborate with multiple teams, and drive security practices throughout the... 

    Asana

    New York, NY
    5 days ago
  • A cross-chain payments protocol company in New York is seeking a Security Engineer to own the security posture of its infrastructure. You will lead threat modeling, vulnerability management, and incident response processes, along with driving compliance readiness. The... 
    Remote job

    Relay

    New York, NY
    4 days ago
  • About the Security Group The Security Department’s mission is to...  ...our cyber, physical, and staff security practices to meet...  ...threat detection, alert triage, vulnerability management, and incident response — to...  ...security copilots for engineering teams that perform real‑time... 

    Bridgewater Associates, LP

    New York, NY
    3 days ago
  • $320k - $405k

     ...committed researchers, engineers, policy experts, and...  ...role: The Application Security team is at the forefront...  ...attack surfaces, and vulnerabilities. Develop tooling to scale...  ...coding practices. Manage Anthropic's...  ...Currently, we expect all staff to be in one of our offices... 
    Work at office
    Remote work
    Visa sponsorship
    Flexible hours
    Shift work

    Anthropic

    New York, NY
    4 days ago
  • $174.32k - $246.23k

    The Staff Cloud Security Engineer is a critical, hands‑on technical role responsible for engineering, implementing, and automating robust...  ...in Python or Go to streamline security operations, vulnerability management, compliance checks, and incident response Write clean... 
    Work at office
    Local area
    Remote work
    Work from home
    Home office

    Included Health

    New York, NY
    4 days ago
  • EVERSANA India Pvt. Ltd is looking for an IT Security professional to recommend and install...  ...cyberattacks. You will conduct vulnerability analysis, monitor systems, and collaborate...  ...the compliance team to ensure risk is managed effectively. The ideal candidate has at... 

    EVERSANA India Pvt. Ltd

    New York, NY
    3 days ago
  •  ...services, and chronic disease management under one roof, creating a...  ...cost efficiency. The IT & Security Engineer Lead will manage Pharmacy1...  ...ongoing risk assessments, vulnerability remediation tracking, and security...  ...HQ, pharmacy, and clinic staff. Assist with vendor... 
    For contractors
    Local area

    Pharmacy First Health

    New York, NY
    4 days ago
  • A leading crypto platform is seeking a Staff Software Engineer specializing in security to enhance its digital asset protection. The ideal candidate will engage in developing and implementing sophisticated security measures to protect customer assets, collaborate closely... 
    Remote job

    Blockchain Works

    New York, NY
    3 days ago
  • $200k - $300k

     ...where you come in. About the role We’re looking for red team security engineers. As a geolocation and compliance company, application...  ...engineers at Radar fit one of two molds, technically: either Staff level expertise in one stack, or "Multi‑Stack" at any level.... 
    Full time
    Work at office

    Radar Labs, Inc.

    New York, NY
    2 days ago
  • $239k - $275k

     ...healthcare at scale. About the role We are seeking an exceptional Staff Security Engineer to serve as a technical anchor for our security function....  ...impact on risk reduction Influential Stakeholder Management: Builds strong relationships across the organization, conveying... 
    Remote work
    Flexible hours

    Garner Health

    New York, NY
    5 days ago
  • $196k - $245k

    Staff Security Engineer, Secure Digital Asset Operations New York, NY, United States Please note this is for New York, NY, United States. You...  ...off‑chain transactions. Strong working knowledge of key management solutions (MPC, HSM, etc.), cryptography, and key... 
    Full time
    Contract work
    Local area

    Ripple

    New York, NY
    2 days ago
  • # Staff Security Engineer, Customer Support and IntegrityApply To JobJob ID: 3467189DoorDash, Inc.United States - Remote## **About the Team**At...  ...mechanisms, and improve how the company proactively manages security risks at scale.* Be the trusted primary partner for... 
    Hourly pay
    Work at office
    Local area
    Remote work
    Flexible hours

    DoorDash

    New York, NY
    4 days ago
  •  ...Job Description Job Description Senior Cybersecurity Engineer – Vulnerability Management & Incident Response Position Overview Our client...  ...incident response operations. This role is ideal for a security professional who enjoys balancing strategic program ownership... 
    Weekend work

    RennerBrown Staffing

    New York, NY
    6 days ago
  • ## Senior Information Systems Security Engineer (ISSE)Applylocations: Robins AFB, GAtime type...  ..., engineering, and lifecycle management across Air Force enterprises (JWICS,...  ...Officials (AOs) regarding system risk, vulnerability mitigation, and Cross-Domain Solutions... 
    Contract work
    Temporary work
    Work at office
    Local area
    Relocation package
    Flexible hours

    Freedom Real Estate

    New York, NY
    4 days ago
  • Veeam is seeking a Senior Product Security Engineer to enhance the security integration in enterprise applications. This position aims to improve developer enablement and vulnerability management across products, working collaboratively within engineering and security teams... 

    Veeam

    New York, NY
    4 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Staff Security Engineer, Vulnerability Management. Be the first to apply!