Principal Security Engineer

CoreWeave is the AI Hyperscaler™, delivering a cloud platform of cutting edge services powering the next wave of AI. The company’s technology provides enterprises and leading AI labs with the most performant, efficient and resilient solutions for accelerated computing. Since 2017, CoreWeave has operated a growing footprint of data centers covering every region of the US and across Europe. CoreWeave was ranked as one of the TIME100 most influential companies of 2024.

As the leader in the industry, we thrive in an environment where adaptability and resilience are key. Our culture offers career-defining opportunities for those who excel amid change and challenge. If you’re someone who thrives in a dynamic environment, enjoys solving complex problems, and is eager to make a significant impact, CoreWeave is the place for you. Join us, and be part of a team solving some of the most exciting challenges in the industry. 

CoreWeave powers the creation and delivery of the intelligence that drives innovation. To learn more about our values, please visit our careers website.

About the Role:

We are seeking a highly experienced and strategic Principal Security Engineer to join our team. In this role, you will be responsible for shaping and driving the security architecture vision across the organization. You will work closely with cross-functional teams, including IT, engineering, and executive leadership, to design, implement, and optimize security solutions that protect our company’s critical assets and align with business objectives. Your primary focus will be identifying the most pressing security initiatives, ensuring compliance with industry standards, and mitigating risks in a rapidly evolving threat landscape.

Core Responsibilities:

• Lead the development of the organization's security architecture strategy, ensuring it aligns with business goals and regulatory requirements
• Identify and prioritize critical security initiatives based on risk assessments, emerging threats, and business needs
• Design and implement security frameworks and architectures that protect the organization’s data, applications, and infrastructure
• Provide subject matter expertise on secure coding practices, network architecture, and cloud security to ensure robust security by design
• Conduct comprehensive security risk assessments across various domains, including network, application, and data security
• Develop risk mitigation strategies and guide the implementation of security controls to reduce identified risks
• Evaluate and recommend security technologies, tools, and solutions to address current and future security challenges
• Lead the implementation and integration of security technologies across the organization, ensuring minimal disruption to business operations
• Act as a trusted advisor to senior leadership, providing expert guidance on security matters and advocating for necessary investments in security initiatives
• Collaborate with IT, engineering, and other relevant teams to ensure security considerations are embedded in all technology projects and initiatives
• Mentor and guide junior security engineers and other technical staff, fostering a culture of security awareness and best practices
• Ensure that the organization’s security practices comply with relevant laws, regulations, and industry standards (e.g., GDPR, HIPAA, ISO/IEC 27001)
• Develop and enforce security policies, standards, and procedures across the organizationLead the design and implementation of incident response plans, ensuring the organization is prepared to respond effectively to security breaches
• Oversee post-incident analysis and recovery efforts, providing recommendations for improving security posture
  

Minimum Qualifications & Experience:

• Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field
• 10+ years of experience in information security, with a focus on security architecture and design
• Proven experience in leading security initiatives and influencing senior leadership on security matters
• Proficiency in one or more modern programming languages (Python/Golang)
• In-depth knowledge of security frameworks, standards, and best practices (e.g., NIST, SOC2, ISO 27001, CIS)
• Strong understanding of network security, cloud security, application security, and data protection technologies
• Experience with security tools and technologies, such as SIEM, IDS/IPS, encryption, and IAM solutions
• Excellent analytical, problem-solving, and decision-making skills
• Strong communication and interpersonal skills, with the ability to convey complex security concepts to both technical and non-technical audiences
• Relevant certifications such as CISSP, CISM, or SABSA are highly desirable

Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $260,000-$300,000. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience.

What We Offer

The range we’ve posted represents the typical compensation range for this role. To determine actual compensation, we review the market rate for each candidate which can include a variety of factors. These include qualifications, experience, interview performance, and location.

In addition to a competitive salary, we offer a variety of benefits to support your needs, including:

• Medical, dental, and vision insurance - 100% paid for by the employee
• Company-paid Life Insurance 
• Voluntary supplemental life insurance 
• Short and long-term disability insurance 
• Flexible Spending Account
• Tuition Reimbursement 
• Mental Wellness Benefits through Spring Health 
• Family-Forming support provided by Carrot
• Paid Parental Leave 
• Flexible, full-service childcare support with Kinside
• 401(k) with a generous employer match
• Flexible PTO
• Catered lunch each day in our office and data center locations
• A casual work environment
• A work culture focused on innovative disruption

Our Workplace

At CoreWeave, we are committed to operating as a hybrid workplace, offering employees flexibility in how they structure their time between in-office and remote work. We recognize the significance of fostering connections, collaboration, and creativity within our office culture and its positive impact on our business. Our philosophy operating as a hybrid workplace underscores our dedication to enabling employees to tailor work-life balance to their individual preferences.

For those who do not live within 30 miles of one of our offices, we are open to considering remote work for candidates whose skills and experience strongly align with the role. While we prioritize a hybrid work environment for most roles, we understand the importance of flexibility and are open to remote work for specific positions and specialized skill sets. Onboarding is essential to your success. New employees not based out of an office will be invited to attend onboarding training at one of our hubs within their first month of employment. We continue to foster a collaborative environment by bringing teams together quarterly.

California Consumer Privacy Act - California applicants only

CoreWeave is an equal opportunity employer, committed to fostering an inclusive and supportive workplace. All qualified applicants and candidates will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information.

As part of this commitment and consistent with the Americans with Disabilities Act (ADA), CoreWeave will ensure that qualified applicants and candidates with disabilities are provided reasonable accommodations for the hiring process, unless such accommodation would cause an undue hardship. If reasonable accommodation is needed, please contact: careers@coreweave.com.