Senior Manager, Vulnerability Management

CoreWeave is the AI Hyperscaler™, delivering a cloud platform of cutting edge services powering the next wave of AI. Our technology provides enterprises and leading AI labs with the most performant, efficient and resilient solutions for accelerated computing. Since 2017, CoreWeave has operated a growing footprint of data centers covering every region of the US and across Europe. CoreWeave was ranked as one of the TIME100 most influential companies of 2024.

As the leader in the industry, we thrive in an environment where adaptability and resilience are key. Our culture offers career-defining opportunities for those who excel amid change and challenge. If you’re someone who thrives in a dynamic environment, enjoys solving complex problems, and is eager to make a significant impact, CoreWeave is the place for you. Join us, and be part of a team solving some of the most exciting challenges in the industry.  

CoreWeave powers the creation and delivery of the intelligence that drives innovation. 

About the role:

CoreWeave is a leading specialized cloud computing provider, offering GPU-accelerated infrastructure for AI, machine learning, and other computationally intensive workloads. CoreWeave has rapidly grown to become a key player in the AI cloud space and operates multiple data centers across the U.S., leveraging NVIDIA GPUs to serve high-profile clients. With its advanced, high-performance infrastructure, CoreWeave leads the way in meeting the escalating demands of AI and machine learning technologies.

CoreWeave is going through a very significant growth as we scale to support our customers and we need to build the next generation security tools to help us defend against vulnerabilities as they arise. We are seeking an experienced leader to join our team as the Senior Manager for our Vulnerability Management team. The Senior Manager, Vulnerability Management is responsible for running, evolving and operating CoreWeave’s vulnerability management program and personnel. This person is responsible for working with cross-functional teams as well as with peer engineering stakeholders to measure, maintain, and improve the security posture of CoreWeave.

Core job duties include, but are not limited to:

• Creating and overseeing the execution of vulnerability management policies and procedures (e.g. patching)
• Establishing and meeting Service Level Objectives for both enterprise security and product impacting vulnerabilities
• Creating and ensuring the adherence to procedures for notifying both the business and clients (where applicable) about risk and impacts from security vulnerabilities. 
• Communicating and coordinating with other teams in order to triage and remediate vulnerabilities in first and third-party software and software dependencies
• Acting as a liaison between other teams (Hardware, Application Security, Offensive Security) in order to appropriately assign, follow, and close security tickets

Wondering if you’re a good fit? We believe in investing in our people, and value candidates who can bring their own diversified experiences to our teams – even if you aren't a 100% skill or experience match. Here are a few qualities we’ve found compatible with our team. If some of this describes you, we’d love to talk. 

Minimum Qualifications 

• Experience establishing and maintaining a vulnerability management program at scale
• Ability to drive a team of vulnerability security engineers and analysts to focus on identifying, triaging and assisting in remediating vulnerabilities
• Ability to risk assess and distingusih what a critical or high impacting vulnerability is within CoreWeave’s environment and drive appropriate remediations across multiple engineering and IT teams when necessary.
• Knowledge and experience with the identification and remediation of CVEs within a large infrastructure deployment
• Extensive experience with Linux OS environments
• Hands-on experience managing security tools servers in a large environment, including routine Linux and Windows patching and application patching/upgrades
• Experience managing/troubleshooting server, workstation, local EDR, anti-virus software, log analysis as it relates to security compliance
• Willingness to learn new technologies/toolsets as part of the job responsibilities
• Strong technical background and experience with cyber tooling

Preferred Skills:

Experience operating and maintaining enterprise-level information security tools, proven experience in Systems Administration, including server & workstation troubleshooting, Knowledge and experience with cloud-based infrastructures, Knowledge of network concepts/protocols, Familiarity with Linux operating systems, Security+, Network+

The preferred candidate also has experience with or knowledge of the following skills & qualifications:

• Experience with container orchestration technologies such as Kubernetes
• Familiarity with sending Requests for Proposals (RFPs) to gather information regarding the installation of new cyber tooling to best protect the company
• Creating and presenting technical strategies and technical solution recommendations
• Designing and implementing technical solutions
• Integrating new technologies into existing technology portfolio
• Collaborating with cross-functional teams, including engineering
• Has any of the following certifications: GIAC Reverse Engineering Malware (GREM), GIAC Penetration Testing Certification (GPEN), GIAC Certified Enterprise Defender (GCED), Certified Ethical Hacker (CEH), GIAC Security Essentials Certification (GSEC), Offensive Security Certified Professional (OSCP)

Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $190,000 - $282,000. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. This position also includes a discretionary bonus, equity, and a comprehensive benefits package.

What We Offer

The range we’ve posted represents the typical compensation range for this role. To determine actual compensation, we review the market rate for each candidate which can include a variety of factors. These include qualifications, experience, interview performance, and location.

In addition to a competitive salary, we offer a variety of benefits to support your needs, including:

• Medical, dental, and vision insurance - 100% paid for by CoreWeave
• Company-paid Life Insurance 
• Voluntary supplemental life insurance 
• Short and long-term disability insurance 
• Flexible Spending Account
• Health Savings Account
• Tuition Reimbursement 
• Mental Wellness Benefits through Spring Health 
• Family-Forming support provided by Carrot
• Paid Parental Leave 
• Flexible, full-service childcare support with Kinside
• 401(k) with a generous employer match
• Flexible PTO
• Catered lunch each day in our office and data center locations
• A casual work environment
• A work culture focused on innovative disruption

Our Workplace

While we prioritize a hybrid work environment, remote work may be considered for candidates located more than 30 miles from an office, based on role requirements for specialized skill sets. New hires will be invited to attend onboarding at one of our hubs within their first month. Teams also gather quarterly to support collaboration

California Consumer Privacy Act - California applicants only

CoreWeave is an equal opportunity employer, committed to fostering an inclusive and supportive workplace. All qualified applicants and candidates will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information.

As part of this commitment and consistent with the Americans with Disabilities Act (ADA), CoreWeave will ensure that qualified applicants and candidates with disabilities are provided reasonable accommodations for the hiring process, unless such accommodation would cause an undue hardship. If reasonable accommodation is needed, please contact: careers@coreweave.com.