All Jobs
CoreWeave
Posted on 
Nov 7, 2023

Director, Security Engineering

New York City
Director
Engineering
Apply NowApply Now
CoreWeave
CoreWeave
CoreWeave

CoreWeave

https://www.coreweave.com/
Private
101-250
Software, Security & Developer Tools

CoreWeave is a specialized cloud provider focused on GPU accelerated use cases including VFX, AI/ML, Batch Processing and Real Time Experiences. We support countless AI/ML services in the text to image, NLP and broader AI/ML space, reducing client’s infrastructure management requirements with our Kubernetes based serverless GPU cloud offerings.

Job Description

Description:

The Director, Security Engineering at CoreWeave will be responsible for designing, building and supporting the security infrastructure and supporting security features of the CoreWeave Cloud and associated technologies. This role is a high visibility role and of the utmost importance for ensuring CoreWeave builds leading security capabilities in order to protect the infrastructure and assets running the world-leading specialized GPU cloud. This position is new to the Organization and the successful candidate will be able to identify needs, build a team and execute on a plan to deliver the aforementioned responsibilities.

 

Core role responsibilities include, but are not limited to:

  • Develop and execute a comprehensive security strategy and roadmap that aligns with the CoreWeave’s goals and objectives. Manage Security Engineering’s core projects through the entire project lifecycle.
  • Recruit, lead, and manage the Security Engineering team, provide guidance, mentorship, and direction to ensure the team's success. Ability to conduct technical interviews to help identify and recruit top technical security professionals is a must.
  • Lead and develop a team of security engineers; provide technical leadership through hands-on development work and execution. A successful candidate in this role is also a technical leader, meaning you are not afraid to get your hands dirty.
  • Collaborate with CoreWeave’s Engineering, Product, Legal, IT, Internal Audit and other teams to integrate security best practices into the development and deployment of products and services.
  • Monitor industry trends, threat intelligence, and regulatory changes in order to adapt Security Engineering’s goals and objectives to rapidly address emerging security challenges.
  • Evaluate the efficacy of third-party and internally developed security controls.
  • Utilize security automation, scripting, and third-party tools as a force multiplier in tackling large-scale security issues. Additionally, identify opportunities for security automation in repeatable processes.
  • Define and improve CoreWeave’s cybersecurity policies, standards, baselines, and secure design documentation.
  • Identify and assess potential security risks and vulnerabilities associated with the company's platform, systems, and infrastructure through thread modeling and security assessments, as well as design programs and initiatives to mitigate security risks and increase security hardening on new and existing builds.
  • Communicate nuanced and wide-spread security issues to a diverse audience of technical and non-technical leaders.

 

Minimum Qualifications & Experience:

  • A minimum of 8+ years of experience in security engineering, with at least 3+ years in a security leadership role.
  • Bachelor’s Degree in Computer Science, Engineering, or other related discipline or 8+ years of previous technical experience, specifically security engineering and architecture experience.
  • Proven track record of developing a highly effective technical team of security engineers.
  • Exceptional technical skills as well as verbal and written communication skills, specifically the ability to communicate within the context of the intended audience, whether that be senior executives or highly technical engineering resources.
  • Thorough understanding of OWASP Top 10 and the MITRE ATT&CK framework, including threats faced by cloud service providers and digital platform organizations.
  • 5+ years hands-on experience in managing enterprise security tools such as Vulnerability Management Tools, Network Security Tools, Security Orchestration solutions, Security Information and Event Monitoring (SIEM), PKI, VPN, etc.
  • Hands-on technical experience with Kubernetes infrastructure, on-premises network and compute architectures and, specifically, the security aspects thereof.
  • Define KPIs and business metrics which ensures that information security provides great service to its internal customers, especially engineering stakeholders.
  • Hands on technical experience with compliance and regulatory frameworks (e.g. SOC2, ISO, GDPR, HIPAA, HITRUST, FedRAMP) and how they affect architecture designs and reviews.
  • You hold security certifications in one or more of the following:

+ ITIL Foundation, Project+, CAPM, GIAC Cloud Security Automation (GCSA), Certified Kubernetes Security Specialist (CKS), Kubernetes and Cloud Security Associate (KCSA), Certified Kubernetes Administrator (CKA), OSCP, OSCE, CRTO, CISSP, CASP, GIAC Penetration Tester Certification (GPEN), GIAC Certified Project Manager (GCPM), GIAC Security Operations Manager Certification (GSOM), GIAC Security Leadership (GSLC), GIAC Strategic Planning, Policy, and Leadership (GSTRT), GIAC Systems and Network Auditor Certification (GSNA), GIAC Cloud Security Automation (GCSA), GIAC Certified Incident Handler Certification (GCIH), GIAC Experienced Incident Handler (GX-IH)

 

This position requires the resource to be on-site at least three days a week. The Director for Security Engineering will be ingrained within the core of the Engineering and Security teams. There will be times where the resource needs to be available outside of regular business hours to support critical issues, projects or meetings. CoreWeave is a fast growth startup, and the selected candidate is willing to be flexible for when they are needed.

Description:

The Director, Security Engineering at CoreWeave will be responsible for designing, building and supporting the security infrastructure and supporting security features of the CoreWeave Cloud and associated technologies. This role is a high visibility role and of the utmost importance for ensuring CoreWeave builds leading security capabilities in order to protect the infrastructure and assets running the world-leading specialized GPU cloud. This position is new to the Organization and the successful candidate will be able to identify needs, build a team and execute on a plan to deliver the aforementioned responsibilities.

 

Core role responsibilities include, but are not limited to:

  • Develop and execute a comprehensive security strategy and roadmap that aligns with the CoreWeave’s goals and objectives. Manage Security Engineering’s core projects through the entire project lifecycle.
  • Recruit, lead, and manage the Security Engineering team, provide guidance, mentorship, and direction to ensure the team's success. Ability to conduct technical interviews to help identify and recruit top technical security professionals is a must.
  • Lead and develop a team of security engineers; provide technical leadership through hands-on development work and execution. A successful candidate in this role is also a technical leader, meaning you are not afraid to get your hands dirty.
  • Collaborate with CoreWeave’s Engineering, Product, Legal, IT, Internal Audit and other teams to integrate security best practices into the development and deployment of products and services.
  • Monitor industry trends, threat intelligence, and regulatory changes in order to adapt Security Engineering’s goals and objectives to rapidly address emerging security challenges.
  • Evaluate the efficacy of third-party and internally developed security controls.
  • Utilize security automation, scripting, and third-party tools as a force multiplier in tackling large-scale security issues. Additionally, identify opportunities for security automation in repeatable processes.
  • Define and improve CoreWeave’s cybersecurity policies, standards, baselines, and secure design documentation.
  • Identify and assess potential security risks and vulnerabilities associated with the company's platform, systems, and infrastructure through thread modeling and security assessments, as well as design programs and initiatives to mitigate security risks and increase security hardening on new and existing builds.
  • Communicate nuanced and wide-spread security issues to a diverse audience of technical and non-technical leaders.

 

Minimum Qualifications & Experience:

  • A minimum of 8+ years of experience in security engineering, with at least 3+ years in a security leadership role.
  • Bachelor’s Degree in Computer Science, Engineering, or other related discipline or 8+ years of previous technical experience, specifically security engineering and architecture experience.
  • Proven track record of developing a highly effective technical team of security engineers.
  • Exceptional technical skills as well as verbal and written communication skills, specifically the ability to communicate within the context of the intended audience, whether that be senior executives or highly technical engineering resources.
  • Thorough understanding of OWASP Top 10 and the MITRE ATT&CK framework, including threats faced by cloud service providers and digital platform organizations.
  • 5+ years hands-on experience in managing enterprise security tools such as Vulnerability Management Tools, Network Security Tools, Security Orchestration solutions, Security Information and Event Monitoring (SIEM), PKI, VPN, etc.
  • Hands-on technical experience with Kubernetes infrastructure, on-premises network and compute architectures and, specifically, the security aspects thereof.
  • Define KPIs and business metrics which ensures that information security provides great service to its internal customers, especially engineering stakeholders.
  • Hands on technical experience with compliance and regulatory frameworks (e.g. SOC2, ISO, GDPR, HIPAA, HITRUST, FedRAMP) and how they affect architecture designs and reviews.
  • You hold security certifications in one or more of the following:
    • ITIL Foundation, Project+, CAPM, GIAC Cloud Security Automation (GCSA), Certified Kubernetes Security Specialist (CKS), Kubernetes and Cloud Security Associate (KCSA), Certified Kubernetes Administrator (CKA), OSCP, OSCE, CRTO, CISSP, CASP, GIAC Penetration Tester Certification (GPEN), GIAC Certified Project Manager (GCPM), GIAC Security Operations Manager Certification (GSOM), GIAC Security Leadership (GSLC), GIAC Strategic Planning, Policy, and Leadership (GSTRT), GIAC Systems and Network Auditor Certification (GSNA), GIAC Cloud Security Automation (GCSA), GIAC Certified Incident Handler Certification (GCIH), GIAC Experienced Incident Handler (GX-IH)

 

This position requires the resource to be on-site at least three days a week. The Director for Security Engineering will be ingrained within the core of the Engineering and Security teams. There will be times where the resource needs to be available outside of regular business hours to support critical issues, projects or meetings. CoreWeave is a fast growth startup, and the selected candidate is willing to be flexible for when they are needed.

Apply NowApply Now
Why apply via Tech Ladies
Recommended Jobs
SourcegraphSourcegraph
Sourcegraph
Engineering Manager, Product Platform (M4)
Sourcegraph
Hudson River TradingHudson River Trading
Hudson River Trading
Software Engineer (C++) – 2024 Grads
Hudson River Trading
Singapore
CoreWeaveCoreWeave
CoreWeave
Senior Engineer: Kubernetes Platforms
CoreWeave
Leonardo DRS, Inc.Leonardo DRS, Inc.
Leonardo DRS, Inc.
Principal Software Engineer
Leonardo DRS, Inc.
California
See All Jobs
Receive Tech Ladies'
newest jobs in your inbox,
every week.

Join Tech Ladies for full-access to the job board, member-only events, and more!

If you're already a member, we haven't forgotten you. We promise. It's a new system. If you fill out the form once, it'll remember you going forward. Apologies for the inconvenience.

New York City
New York City
No items found.
Engineering
Engineering
In-Person
In-Person