Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Staff Security Engineer, Vulnerability Management

$188k - $275k

CoreWeave

CoreWeave is The Essential Cloud for AI™. Built for pioneers by pioneers, CoreWeave delivers a platform of technology, tools, and teams that enables innovators to build and scale AI with confidence. Trusted by leading AI labs, startups, and global enterprises, CoreWeave combines superior infrastructure performance with deep technical expertise to accelerate breakthroughs and turn compute into capability. Founded in 2017, CoreWeave became a publicly traded company (Nasdaq: CRWV) in March 2025. Learn more at What You’ll Do We are seeking a Staff Security Engineer to lead the most complex technical work in CoreWeave’s Vulnerability Management program. You will design and implement scalable triage, prioritization, and remediation‑tracking systems across application, infrastructure, and hardware domains. You will set technical standards, drive high‑impact initiatives, and mentor engineers through technical leadership, while partnering with leadership on priorities and execution risks. About The Role Lead high‑complexity VM technical initiatives and deliver architecture decisions for assigned program areas Design and build scalable triage automation, including integrations, decision logic, and production hardening Implement end‑to‑end workflow components from assessment and detection to ticket routing and remediation tracking Provide deep technical leadership on hardware‑adjacent vulnerabilities (GPU firmware, DPU firmware/BlueField, and BMC surfaces) Act as senior technical responder for embargoed disclosures and zero‑day events, coordinating with owner teams that deploy fixes Improve prioritization logic, severity models, and exception workflows through code, design reviews, and technical proposals Produce actionable technical metrics and risk insights for leadership consumption Lead root‑cause analysis for high‑impact vulnerability incidents and implement durable technical improvements Mentor IC3/IC4/IC5 engineers through design guidance, code review, and incident coaching Partner with security, engineering, and operational stakeholders to improve workflow reliability and accelerate remediation outcomes Who You Are 9+ years of relevant experience with demonstrated strategic impact in vulnerability management, application security, platform security, or cloud security engineering Proven track record building and scaling security automation (SOAR workflows, AI/ML systems, detection pipelines) in production environments Deep subject matter expertise with vulnerability management best practices: CVSS, EPSS, CISA KEV, threat intelligence integration, and risk‑based prioritization frameworks Excellent development background with strong coding skills in Python, Go, or similar languages for building scalable, production‑grade security systems Significant experience with modern vulnerability management tooling (for example Wiz, Semgrep, Rapid7, Tenable, or equivalent) Experience with specialized infrastructure: GPU/DPU environments, firmware security, hardware vulnerabilities, or high‑performance computing Demonstrated track record mentoring engineers across levels and driving cross‑functional technical initiatives at organizational scale Strong business acumen and understanding of how security decisions impact engineering velocity, customer trust, and business outcomes Preferred Practical experience building AI/ML‑powered security systems (LLM integration, automated decision‑making, human‑in‑the‑loop validation) in production Experience managing hardware vendor security partnerships (embargoed disclosures and pre‑release collaboration) Production experience with security automation platforms such as TINES and serverless frameworks (AWS Lambda, GCP Cloud Functions) Strong DevOps, DevSecOps, or SRE background with deep experience in AWS/GCP/Azure cloud services and Infrastructure as Code (Terraform, CloudFormation) Deep understanding of Kubernetes security (container scanning, admission controllers, supply chain security, runtime protection) Experience leading security programs through rapid hypergrowth (10x+ infrastructure scaling) in startup or cloud‑native environments Practical experience managing vulnerabilities within a FedRAMP‑certified environment or similar regulatory frameworks What We Offer The base salary range for this role is $188,000 to $275,000. The starting salary will be determined based on job‑related knowledge, skills, experience, and market location. We strive for both market alignment and internal equity when determining compensation. In addition to base salary, our total rewards package includes a discretionary bonus, equity awards, and a comprehensive benefits program (all based on eligibility). In addition to a competitive salary, we offer a variety of benefits to support your needs, including: Medical, dental, and vision insurance – 100% paid for by CoreWeave Company‑paid Life Insurance Voluntary supplemental life insurance Short and long‑term disability insurance Flexible Spending Account Health Savings Account Tuition Reimbursement Ability to Participate in Employee Stock Purchase Program (ESPP) Mental Wellness Benefits through Spring Health Family‑Forming support provided by Carrot Paid Parental Leave Flexible, full‑service childcare support with Kinside 401(k) with a generous employer match Flexible PTO Catered lunch each day in our office and data center locations A casual work environment A work culture focused on innovative disruption Our Workplace While we prioritize a hybrid work environment, remote work may be considered for candidates located more than 30 miles from an office, based on role requirements for specialized skill sets. New hires will be invited to attend onboarding at one of our hubs within their first month. Teams also gather quarterly to support collaboration. California Consumer Privacy Act – California applicants only CoreWeave is an equal opportunity employer, committed to fostering an inclusive and supportive workplace. All qualified applicants and candidates will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information. As part of this commitment and consistent with the Americans with Disabilities Act (ADA), CoreWeave will ensure that qualified applicants and candidates with disabilities are provided reasonable accommodations for the hiring process, unless such accommodation would cause an undue hardship. If reasonable accommodation is needed, please contact: View email address on click.appcast.io. Export Control Compliance This position requires access to export controlled information. To conform to U.S. Government export regulations applicable to that information, applicant must either be (A) a U.S. person, defined as a (i) U.S. citizen or national, (ii) U.S. lawful permanent resident (green card holder), (iii) refugee under 8 U.S.C. 1157, or (iv) asylee under 8 U.S.C. 1158, (B) eligible to access the export controlled information without a required export authorization, or (C) eligible and reasonably likely to obtain the required export authorization from the applicable U.S. government agency. CoreWeave may, for legitimate business reasons, decline to pursue any export licensing process. 1157, or (iv) asylee under 8 U.S.C. 1158 (B) eligible to access the export controlled information without a required export authorization, or (C) eligible and reasonably likely to obtain the required export authorization from the applicable U.S. government agency #J-18808-Ljbffr CoreWeave

Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Staff Security Engineer, Vulnerability Management in New York, NY vacancy
  • Okta, located in New York City, is looking for a Staff Product Security Engineer to safeguard its products through comprehensive security reviews...  ...role will conduct penetration testing and identify vulnerabilities while mentoring junior engineers and representing Okta... 
    Suggested

    Okta

    New York, NY
    1 day ago
  • $207k - $301k

     ...experience. 8 years of experience with security engineering, computer and network security and...  ...enterprise environment. Experience in people management. Preferred qualifications...  ...identify and fix security flaws and vulnerabilities. You are a recognized expert in at least... 
    Suggested
    Temporary work

    Google

    New York, NY
    1 day ago
  • $78k - $135k

    Coalfire, located in Chicago, Illinois, is seeking a Vulnerability Management professional to oversee the lifecycle of security programs and manage compliance with key frameworks. Ideal candidates will have 3-5 years of experience in security operations and a strong understanding... 
    Suggested

    Coalfire-

    New York, NY
    4 days ago
  • Alignerr is seeking a Vulnerability Management Analyst to help train and evaluate AI models by analyzing CVEs, exposure scenarios, and remediation...  ...flexible scheduling and global collaboration for qualified security practitioners. You will classify risk, validate patching... 
    Suggested
    Remote job
    Hourly pay
    Contract work
    Flexible hours

    Alignerr

    New York, NY
    2 days ago
  • $78k - $135k

    What You'll Do Manage Plan of Action & Milestones (POA&Ms) lifecycle including creation...  ...Collect, organize, and maintain security control evidence and artifacts for monthly...  ...supporting risk assessments Translate technical vulnerability findings into risk‑based language for... 
    Suggested
    Work experience placement

    Coalfire-

    New York, NY
    4 days ago
  • A technical staffing firm is seeking an IT Analyst for a remote contract position. The role involves reviewing Tenable Vulnerability Management systems, analyzing reports, prioritizing remediation efforts, and coordinating with technical teams. Ideal candidates should... 
    Remote job
    Contract work

    ViziRecruiter,LLC.

    New York, NY
    2 days ago
  • $100k - $145k

    Application Vulnerability & Obsolescence Analyst Talan is an international consulting and technology...  ...CIB clients in keeping their software secure and up to date. The ideal candidate has...  ...risk and application lifecycle management. Qualifications Bachelor’s degree in... 
    Worldwide

    Talan Group

    New York, NY
    2 days ago
  • EVERSANA India Pvt. Ltd is looking for an IT Security professional to recommend and install...  ...cyberattacks. You will conduct vulnerability analysis, monitor systems, and collaborate...  ...the compliance team to ensure risk is managed effectively. The ideal candidate has at... 

    EVERSANA India Pvt. Ltd

    New York, NY
    15 hours ago
  • ManpowerGroup is seeking a Vulnerability Management Analyst to oversee Enterprise Payments vulnerabilities. This remote position requires expertise in the Brinqa Vulnerability tool and advanced Excel skills to effectively lead remediation efforts and analyze vulnerability... 
    Remote job

    ManpowerGroup

    New York, NY
    1 day ago
  • New York University is seeking a Vulnerability Management Analyst 2 to join Security Operations and drive effective vulnerability identification and remediation. You will leverage advanced tools and workflows to identify impacted systems and optimize processes, collaborating... 
    Remote job

    New York University

    New York, NY
    3 days ago
  • $110k - $130k

    Position Title Vulnerability Management Analyst 2 Posting Information Posting Number: 2026-15806 Location...  ...more than 60% of time Department: Security Operations School/Division: NYU IT (...  ...Studio, Internet of Things search engines (e.g. Censys, Shodan), scanning a large... 
    Full time
    Part time
    Work experience placement
    Remote work

    New York University

    New York, NY
    3 days ago
  • Experis US LLC is looking for a Vulnerability Management Analyst to manage vulnerabilities in Enterprise Payments. This role involves reviewing...  ...financial services sector. This position is crucial for enhancing the security of our applications. #J-18808-Ljbffr Experis US LLC
    Remote job

    Experis US LLC

    New York, NY
    1 day ago
  • $188k - $275k

    A leading cloud computing company in New York seeks a Staff Security Engineer to lead complex vulnerability management initiatives. You will design automated triage systems, mentor engineers, and ensure security across infrastructures. With over 9 years of experience in... 
    Remote work

    CoreWeave

    New York, NY
    1 day ago
  • About Us Turnkey builds secure, developer-first infrastructure for private key management, making it simple to create wallets...  ...Senior Application Security Engineer to join Turnkey's team and help...  ...Auditing and surfacing vulnerabilities in our current products Conducting... 
    Work at office

    Turnkey

    New York, NY
    1 day ago
  • QUANTEAM - North America (RAINBOW PARTNERS Group) is seeking a Vulnerability & Patch Management Analyst to join their New York team. The successful candidate will manage the end-to-end VPM program, working closely with network teams and IT stakeholders in a global financial... 

    QUANTEAM - North America (RAINBOW PARTNERS Group)

    New York, NY
    2 days ago
  • $225k - $275k

     ...compounding interest. Affirm values information security as a critical part of the company’s...  ...source code to identify security vulnerabilities and provide recommendations for secure...  ...cross-team projects into individual tasks. Manage scope across teams and drive toward... 
    Work at office
    Remote work
    Flexible hours

    Affirm

    New York, NY
    2 days ago
  • $180k - $247.5k

    Secure Every Identity, from AI to Human Identity is the key to unlocking the...  .... If you are too, let's talk. The Staff Product Security Engineer Opportunity As a Staff Product Security...  ..., and handling externally reported vulnerabilities. You will engage in code reviews,... 
    Local area
    Worldwide
    Flexible hours

    Okta

    New York, NY
    1 day ago
  • Oscar Health is seeking a Senior Product Security Engineer 1 to join our Security Team in New York City. You will lead security across...  .... You will mentor junior engineers, review code, drive vulnerability management, and build risk-based security controls. The role... 

    Oscar Health

    New York, NY
    1 day ago
  • $100k - $110k

    Sony Music Entertainment in New York is seeking a Cyber Security Testing Analyst to contribute to security testing efforts. You...  ...cyber security, focusing on technical security testing and vulnerability management. The position offers an annual salary range of $100,000 to... 

    Dormont Manufacturing Company

    New York, NY
    2 days ago
  •  ...Active Directory/ Priviledge Access Management Lead Engineer for one of our top tier global clients...  ...and managing Active Directory security controls and hardening initiatives...  ...remediating Active Directory security vulnerabilities and misconfigurations Experience working... 
    Long term contract
    Work experience placement
    Local area

    PRI Technology

    New York, NY
    1 day ago
  • The ServiceNow Identity Security Engineer supports the implementation, configuration, and ongoing delivery of identity security solutions...  ...insights with cybersecurity programs such as exposure management, vulnerability management, or security operations Develop direct... 
    Remote work

    Templar Shield

    New York, NY
    1 day ago
  • $210k - $230k

     ...into the Director, Information Security and build relationships with...  ...and remediate application vulnerabilities. This individual contributor...  ...posture and enable our engineers to code safely. Innovate with...  ...safe coding and vulnerability management Assist penetration testing initiatives... 
    Full time
    Work at office
    Flexible hours

    Upside

    New York, NY
    1 day ago
  •  ...entire firm adopts AI securely. This is a 50/50...  ...automating threat detection, vulnerability triage, incident...  ...triage, vulnerability management, and incident...  ...security copilots for engineering teams that perform real...  ...impact at a senior or staff level. 3+ years of hands... 
    Contract work

    Bridgewater89

    New York, NY
    1 day ago
  • $204k - $240k

     ...Range $204,000.00 - $240,000.00 Role Summary Etsy is seeking a Staff Security Engineer to join our Security Operations team. As part of the larger...  ...and infrastructure. Security Operations is responsible for managing our strategy, technologies, and execution of threat... 
    Full time
    Local area
    Visa sponsorship

    Etsy

    New York, NY
    1 day ago
  • $160k - $190k

     ...Mission or Department Overview The newsroom security engineer within Cybersecurity is a hands‑on...  ...the Cybersecurity department, you will manage complex projects end‑to‑end. You will also...  ...strengthen protections for newsroom staff while supporting efficient journalistic... 
    Work at office
    Local area
    Flexible hours

    The New York Times

    New York, NY
    1 day ago
  • $217k - $255k

     ...keep reading. The Red Team’s mission is to identify and reduce real-world security risks across Robinhood by simulating adversary behavior and testing defenses. As a Staff Offensive Security Engineer, you will plan and execute security assessments across applications,... 
    Work at office
    Shift work
    3 days per week

    Robinhood

    New York, NY
    1 day ago
  • Nscale, based in New York, is hiring a Staff Security Engineer to focus on Endpoint and Device Security. You'll build the security foundation for employees, ensuring secure, reliable configurations across various devices. The ideal candidate will have over 7 years in endpoint... 

    Nscale

    New York, NY
    1 day ago
  • Etsy is seeking a Staff Security Engineer to join our Security Operations team in New York City. This full-time position focuses on protecting...  ...include enhancing detection processes, threat hunting, and managing incident responses while mentoring colleagues. A successful... 
    Full time

    Etsy

    New York, NY
    1 day ago
  • $240k - $300k

    Staff Security Engineer | Series A Cloud Platform Company | NYC (Onsite) Are you a software engineer who loves solving complex cloud and container security challenges? I’m partnered with a well‑funded, fast‑growing Series A cloud platform startup in NYC that is hiring its... 

    Code Red Partners

    New York, NY
    1 day ago
  • $196k - $245k

     ...opportunities, join us, and build real world value. As a Staff Security Engineer within the Secure Digital Asset Operations (SDAO) function...  ...off‑chain transactions. Strong working knowledge of key management solutions (MPC, HSM, etc.), cryptography, and key lifecycle... 
    Full time
    Contract work
    Work at office
    Local area

    Ripple

    New York, NY
    1 day ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Staff Security Engineer, Vulnerability Management. Be the first to apply!