We are seeking a Staff Security Engineer to lead the most complex technical work in CoreWeave's Vulnerability Management program.
\nAs a Staff Security Engineer, you will design and implement scalable triage, prioritization, and remediation-tracking systems across application, infrastructure, and hardware domains. You will set technical standards, drive high-impact initiatives, and mentor engineers through technical leadership, while partnering with leadership on priorities and execution risks.
\nKey Responsibilities:
\nRequirements:
\nPreferred Qualifications:
\nSalary and Benefits: The base salary range for this role is $188,000 to $275,000. The starting salary will be determined based on job-related knowledge, skills, experience, and market location. We strive for both market alignment and internal equity when determining compensation. In addition to base salary, our total rewards package includes a discretionary bonus, equity awards, and a comprehensive benefits program (all based on eligibility).
\nWork Environment:
\nWhile we prioritize a hybrid work environment, remote work may be considered for candidates located more than 30 miles from an office, based on role requirements for specialized skill sets. New hires will be invited to attend onboarding at one of our hubs within their first month. Teams also gather quarterly to support collaboration.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_770c5fe8-cce","directApply":true,"hiringOrganization":{"@type":"Organization","name":"CoreWeave","sameAs":"https://www.coreweave.com","logo":"https://logos.yubhub.co/coreweave.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/coreweave/jobs/4653130006","x-work-arrangement":"hybrid","x-experience-level":"staff","x-job-type":"full-time","x-salary-range":"$188,000 to $275,000","x-skills-required":["vulnerability management","application security","platform security","cloud security engineering","security automation","AI/ML systems","detection pipelines","Python","Go","modern vulnerability management tooling","GPU/DPU environments","firmware security","hardware vulnerabilities","high-performance computing"],"x-skills-preferred":["AI/ML-powered security systems","LLM integration","automated decision-making","human-in-the-loop validation","security automation platforms","TINES","serverless frameworks","AWS Lambda","GCP Cloud Functions","DevOps","DevSecOps","SRE","Kubernetes security","container scanning","admission controllers","supply chain security","runtime protection"],"datePosted":"2026-04-18T15:59:06.360Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Livingston, NJ / New York, NY / Sunnyvale, CA / Bellevue, WA"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"vulnerability management, application security, platform security, cloud security engineering, security automation, AI/ML systems, detection pipelines, Python, Go, modern vulnerability management tooling, GPU/DPU environments, firmware security, hardware vulnerabilities, high-performance computing, AI/ML-powered security systems, LLM integration, automated decision-making, human-in-the-loop validation, security automation platforms, TINES, serverless frameworks, AWS Lambda, GCP Cloud Functions, DevOps, DevSecOps, SRE, Kubernetes security, container scanning, admission controllers, supply chain security, runtime protection","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":188000,"maxValue":275000,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_f2ee807d-528"},"title":"Security Engineer","description":"We're seeking a Security Engineer at the senior-level or above focused on software and systems security to own the security of Saronic's software platforms, build systems, and deployment infrastructure from development through production.
\nAs a Security Engineer, you will be the technical authority on how Saronic builds, ships, and runs secure software. You will lead secure code review, SAST, DAST, and fuzzing efforts, and define secure coding standards for Rust development including memory safety practices, safe FFI boundaries, and secure error handling.
\nYou will conduct threat modeling for software systems and translate findings into actionable security requirements integrated into design reviews and sprint planning. You will drive vulnerability management for software dependencies, including tracking, prioritization, and remediation of vulnerabilities in third-party crates and libraries.
\nYou will secure and harden NixOS configurations for vessel platforms and development infrastructure, leveraging Nix's reproducibility and declarative model for security enforcement. You will design system hardening profiles in NixOS including kernel hardening, service isolation, mandatory access controls, and minimal attack surface configurations.
\nYou will define and enforce package management and dependency policies within the Nix ecosystem, ensuring build closures are auditable, reproducible, and free from unauthorized or vulnerable packages. You will architect secure system update and rollback mechanisms using NixOS capabilities, ensuring fleet-wide consistency and integrity.
\nYou will design and implement security controls across the CI/CD pipeline including source integrity, build isolation, artifact signing, and deployment verification with build environments that are ephemeral, isolated, and hardened.
\nYou will build and maintain software supply chain security practices aligned to SLSA framework principles, including provenance tracking, hermetic builds, signed attestations, and SBOM generation.
\nYou will integrate security scanning (SAST, SCA, container scanning, secrets detection) into CI/CD pipelines as automated guardrails, and create self-service pipeline templates that enable teams to ship without bottlenecks.
\nYou will design secure deployment patterns for vessel software updates, including secure delivery, integrity verification, and rollback capabilities.
\nYou will implement runtime application security controls including logging, monitoring, and anomaly detection for deployed services.
\nYou will define software and systems security standards, patterns, and reference architectures that engineering teams adopt as the default secure path.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_f2ee807d-528","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Saronic Technologies","sameAs":"https://www.saronictechnologies.com/","logo":"https://logos.yubhub.co/saronictechnologies.com.png"},"x-apply-url":"https://jobs.lever.co/saronic/70738ef6-22be-464f-a451-09882093482d","x-work-arrangement":"onsite","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["Rust","NixOS","CI/CD pipeline security","software supply chain security","SLSA framework principles","provenance tracking","hermetic builds","signed attestations","SBOM generation","security scanning","SAST","SCA","container scanning","secrets detection"],"x-skills-preferred":["NixOS experience","hands-on NixOS experience","experience securing software for embedded or resource-constrained Linux environments"],"datePosted":"2026-04-17T12:58:06.790Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"San Francisco"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"Rust, NixOS, CI/CD pipeline security, software supply chain security, SLSA framework principles, provenance tracking, hermetic builds, signed attestations, SBOM generation, security scanning, SAST, SCA, container scanning, secrets detection, NixOS experience, hands-on NixOS experience, experience securing software for embedded or resource-constrained Linux environments"}]}