CoreWeave is looking for a curious and creative Security Engineer to join our Infrastructure Security team. The InfraSec team is responsible for the security posture and security tooling around our core Kubernetes infrastructure and provides security-focused solutions to the larger engineering organization. As a Senior Security Engineer, you will be responsible for overseeing and ensuring the efficiency of our Kubernetes deployments. In this role, you'll be part of a team developing new approaches to securing Kubernetes at a never-before-seen scale and complexity.
Responsibilities:
- Maintain security tooling including just-in-time access systems and zero-trust infrastructure
- Develop reference security frameworks to support standardized approaches to security challenges
- Work cross-functionally to maintain and evolve authorization frameworks to support evolving business needs
- Build and maintain core security tooling documentation for internal self-service use and reference
- Participate in engineering design discussions from a security perspective
- Participate in a rotating on-call schedule
Qualifications & Experience:
- 3+ years working with Kubernetes and, more specifically, securing it
- 5+ years working with Linux
- Proficient in Go and/or Python (you can write software in one of these languages)
- Demonstrated experience working with and developing containerized applications
- Demonstrated experience contributing to technical and procedural documentation and policies
- Experience with CI/CD tools and approaches
- Experience with Infrastructure-as-Code software and tooling
Nice to Have:
- Experience with remote-access products such as Teleport
- Understanding of SSO protocols, specifically OIDC and SAML
- Experience leveraging PKI and mTLS