CoreWeave is going through a very significant growth as we scale to support our customers and we need to build the next generation security tools to help us defend against vulnerabilities as they arise. We are seeking an experienced leader to join our team as the Senior Manager for our Vulnerability Management team. The Senior Manager, Vulnerability Management is responsible for running, evolving and operating CoreWeave’s vulnerability management program and personnel. This person is responsible for working with cross-functional teams as well as with peer engineering stakeholders to measure, maintain, and improve the security posture of CoreWeave.
What You'll Do
- Creating and overseeing the execution of vulnerability management policies and procedures (e.g. patching)
- Establishing and meeting Service Level Objectives for both enterprise security and product impacting vulnerabilities
- Creating and ensuring the adherence to procedures for notifying both the business and clients (where applicable) about risk and impacts from security vulnerabilities.
- Communicating and coordinating with other teams in order to triage and remediate vulnerabilities in first and third-party software and software dependencies
- Acting as a liaison between other teams (Hardware, Application Security, Offensive Security) in order to appropriately assign, follow, and close security tickets
Who You Are
- Experienced in establishing and managing a vulnerability management program at scale
- Skilled in leading a team of vulnerability engineers and analysts to identify, triage, and support vulnerability remediation
- Proficient in risk assessment, identifying high-impact vulnerabilities, and driving remediations across engineering and IT teams
- Knowledgeable in identifying and remediating CVEs within large infrastructure environments
- Extensive hands-on experience with Linux OS, including security tool management, server administration, and patching for Linux and Windows
- Experienced in managing security compliance tools like EDR, antivirus, and log analysis in complex environments
- Eager to learn and adopt new technologies as required
- Strong technical background, particularly with cybersecurity tools
- Proficiency with enterprise-level information security tools, systems administration, and troubleshooting for servers and workstations
- Knowledge of cloud-based infrastructures and network concepts/protocols
- Familiarity with Linux OS environments and cybersecurity certifications such as Security+, Network+
- Experience with container orchestration, like Kubernetes
- Competence in creating and presenting technical strategies and solution recommendations
- Skilled in designing and implementing technical solutions, integrating new technologies into existing portfolios
- Experience collaborating with cross-functional teams, especially engineering
- Preferred certifications include GREM, GPEN, GCED, CEH, GSEC, OSCP
The Senior Manager for the Vulnerability Management team works standard business hours and may be required to perform job duties outside of normal business hours as needed, aligned to job duties.
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $220,000-$260,000. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience.