Offensive Security Engineer

CoreWeave•Sunnyvale, CA

5h•$165,000 - $242,000•Hybrid

About The Position

CoreWeave is The Essential Cloud for AI™. Built for pioneers by pioneers, CoreWeave delivers a platform of technology, tools, and teams that enables innovators to build and scale AI with confidence. Trusted by leading AI labs, startups, and global enterprises, CoreWeave combines superior infrastructure performance with deep technical expertise to accelerate breakthroughs and turn compute into capability. Founded in 2017, CoreWeave became a publicly traded company (Nasdaq: CRWV) in March 2025. Learn more at www.coreweave.com. CoreWeave’s Information Security team is seeking an experienced and talented offensive security engineer to join our team. As part of the Information Security Organization at CoreWeave, security engineers work to measure and improve the security of internal and external infrastructure and application offerings that provide high-power compute to customers. CoreWeave Security engineers integrate within engineering to act as a security liaison between product, engineering, and security. They provide assurance to business & network partners that CoreWeave’s capabilities and technologies have been adequately hardened.

Requirements

Proficiency in using at least one programming or scripting language (e.g. GoLang, Python, C/++) to solve automatable tasks and perform code reviews
At least five years of experience in the offensive information security industry
Penetration Testing experience
Strong technical background and experience writing and using offensive security tooling
Experience using Kubernetes and Kubernetes-related security measures
Extensive experience with Linux OS environments
Ability to navigate ambiguity and determine solutions to underlying problems
Excellent interpersonal, verbal, and written communication skills with strong attention to detail
Ability to work with minimal supervision while handling multiple tasks in a fast-paced environment
A strong desire to learn new technologies and skills

Nice To Haves

Experience with firmware reverse engineering; analyzing systems firmware, binaries, and bootloaders to uncover security flaws
Certifications like Sec+, Net+, OSCP, or other relevant industry certifications
An understanding of best practices and how to implement them at a business-wide level
5+ years' experience in the information security industry or related role
Experience with EDR tuning, detections-as-code, and threat hunting as a Blue Team member

Responsibilities

Perform penetration testing as well as purple and red team exercises
Conduct threat modeling, code reviews, and design reviews for development teams within the business
Research/stay abreast of new hacking techniques and find ways to counter them
Find effective solutions to information security related problems
Develop best practices and improve security standards for the organization to adhere to while maintaining our internal compliance stance and security posture
Ability to provide solutions to complex issues; handle multiple tasks in a fast-paced environment; set priorities; meet deadlines per project scope
Demonstrated ability to present complex, technical information to both technical and non-technical audiences
Strong time management, good technical writing, presentation, and documentation skills
Ability to work with minimal supervision, attention to detail, and follow-through
Other work-related duties as assigned