Detection Engineering - Security Engineer

What You’ll Do

On this team, you will:

• Design cutting-edge detection strategies at scales most security engineers only dream about


• Collaborate with talented peers in an innovative environment focused on excellence


• Enjoy the autonomy and encouragement to innovate and influence CoreWeave’s security landscape directly

In this role, you will be responsible for:

• Developing and implementing advanced threat detection capabilities to proactively identify and mitigate cyber threats


• Crafting precise and efficient custom detection logic tailored to evolving threat landscapes


• Leading and/or participating in real-time security incident response, threat containment, and remediation.


• Conducting proactive threat-hunting exercises to uncover hidden vulnerabilities and anticipate threats


• Collaborating closely with cross-functional teams to enhance security visibility and detection effectiveness


• Continuously researching and staying informed about emerging threats, attack vectors, and detection methodologies


• Participating in strategic security initiatives, contributing your expertise to security architecture and controls


• Engaging in security assessments to uphold our high standards for security and compliance


• Occasionally, "drawing the owl" - figuring out innovative solutions while navigating ambiguous situations

Investing in our people is one of our top priorities, and we value candidates who can bring their diversified experiences to our teams. Here are some qualities we’ve found compatible with our team. We'd love to talk about whether this aligns with your experience and interests and what you’re excited to work on next.

Who You Are

Minimum Qualifications

• Proven ability to deliver impactful projects spanning multiple technical domains and teams


• Extensive experience crafting custom alert logic within industry-standard tooling, like KQL, SQL, etc


• Familiarity with Kubernetes fundamentals and enthusiasm to deepen your expertise.


• Experience collaborating closely with Purple and Red Teams, leveraging findings to enhance detection capabilities.


• Solid understanding of modern TTP frameworks such as MITRE ATT&CK and Cyber Kill Chain.


• Proficiency in at least one query language (e.g., SQL, Splunk Query Language, HiveQL).


• Competency in writing detections in multiple languages (Python, Bash, Go, JavaScript, etc.)


• Strong foundational knowledge of Linux or macOS internals and their relevant event sources (eBPF, Endpoint Security Framework)


• Practical experience applying and contributing to the Incident Response Lifecycle methodology

Preferred Qualifications

• Deep understanding of Kubernetes-specific detection and security challenges


• Contributions to the open-source security community or experience developing detection tooling


• Experience leveraging advanced analytics or machine learning techniques in detection engineering

Please note that this role is not a typical 9-5 job. There may be instances where real-time incident response requires active participation outside business hours. On-call hours (including weekends and holidays) and all-hands-on-deck participation during active incidents are expected. If crafting sophisticated detection strategies and staying ahead of threats in a dynamic, innovative environment excites you, we’d love to connect!

Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $160,000/year to $275,000/year. Pay is based on a number of factors including location, level, job-related knowledge, skills, and experience.