Vulnerability Remediation Engineer II

About CoreWeave

CoreWeave is The Essential Cloud for AI™. Built for pioneers by pioneers, CoreWeave delivers a platform of technology, tools, and teams that enables innovators to build and scale AI with confidence. Trusted by leading AI labs, startups, and global enterprises, CoreWeave combines superior infrastructure performance with deep technical expertise to accelerate breakthroughs and turn compute into capability. Founded in 2017, CoreWeave became a publicly traded company (Nasdaq: CRWV) in March 2025. Learn more at www.coreweave.com.

Job Overview

We are seeking a Vulnerability Remediation Engineer II to join our growing team. This role is crucial for identifying and mitigating security risks within our infrastructure, ensuring the integrity and security of our AI cloud platform.

Key Responsibilities

• Coordinate and conduct cybersecurity assessments to identify gaps and potential threats.
• Collaborate with engineering and technology teams to implement remediation plans.
• Manage the end-to-end vulnerability assessment life-cycle, including pre-assessment meetings, evidence collection, workflow management, and report generation.
• Document risks associated with compliance issues.
• Organize network-based scans to identify network security vulnerabilities.
• Perform host-based scans to identify vulnerabilities in workstations, servers, and other network hosts.
• Record non-compliance as gaps and assist impacted technology teams in remediation efforts.

Job Requirements

• Bachelor's degree (U.S. or foreign equivalent) in Information Security, Computer Science, or related field and five (5) years of experience in an Information Security Analyst role; OR Master’s degree (U.S. or foreign equivalent) in Information Security, Computer Science, or related field and three (3) years of experience in an Information Security Analyst role.
• Three (3) years of experience in vulnerability analysis, remediation, or IT program management.
• Experience in or leading a vulnerability assessment and remediation team.
• Familiarity with industry standards and regulations, including SOC 2, ISO27001:2022, or GDPR.

What We Offer

• Competitive salary range: $173,056–$181,000 per year.
• Discretionary bonus, equity awards, and comprehensive benefits.
• Medical, dental, and vision insurance - 100% paid for by CoreWeave.
• Company-paid Life Insurance, Voluntary supplemental life insurance, Short and long-term disability insurance.
• Flexible Spending Account, Health Savings Account, Tuition Reimbursement.
• Employee Stock Purchase Program (ESPP) and Mental Wellness Benefits through Spring Health.
• Family-Forming support provided by Carrot, Paid Parental Leave, and flexible childcare support with Kinside.
• 401(k) with a generous employer match and Flexible PTO.
• Catered lunch each day and a casual work environment.
• A work culture focused on innovative disruption.

Workplace & Telecommuting

Telecommuting permitted 50%: work may be performed within normal commuting distance from the CoreWeave, Inc. office in Livingston, NJ. Hybrid work environment is prioritized, with remote work considered for candidates over 30 miles from an office, based on role requirements. Teams gather quarterly for collaboration.

Key skills/competency

• Vulnerability Assessment
• Vulnerability Remediation
• Cybersecurity
• Information Security
• IT Program Management
• SOC 2
• ISO27001
• GDPR
• Risk Management
• Security Analysis