CoreWeave is The Essential Cloud for AI™. Built for pioneers by pioneers, CoreWeave delivers a platform of technology, tools, and teams that enables innovators to build and scale AI with confidence. Trusted by leading AI labs, startups, and global enterprises, CoreWeave combines superior infrastructure performance with deep technical expertise to accelerate breakthroughs and turn compute into capability. Founded in 2017, CoreWeave became a publicly traded company (Nasdaq: CRWV) in March 2025. Learn more at www.coreweave.com .
What You’ll Do:
The Enterprise Security team at CoreWeave is responsible for securing how our people work every day—identity, endpoints, networks, and SaaS—so the company can move fast without compromising safety. This team owns the controls, guardrails, and automation that keep our workforce, contractors, and critical business applications protected in a modern, cloud-native environment.
If you’re excited about zero trust , phishing-resistant MFA , and building secure-by-default experiences that actually make people more productive, this is the team to join.
About the Role:
As a Senior Security Engineer, Enterprise Security , you’ll design and ship the security controls that underpin CoreWeave’s workforce and enterprise stack. You’ll lead initiatives across identity, access management, device and endpoint security, and SaaS security—partnering closely with IT Engineering, Endpoint, Network, and other security teams.
Your day-to-day will blend hands-on engineering (writing code, building integrations, tuning controls) with architecture and program ownership (setting standards, defining patterns, and driving adoption across teams). You’ll be responsible for turning high-level objectives—like “implement zero trust for workforce access” or “deploy phishing-resistant MFA at scale”—into concrete designs, automation, and measurable risk reduction.
In this role, you will:
Engineer modern identity and access controls
- Design, implement, and operate workforce identity solutions (e.g., Okta/Entra and other IdPs) including SSO, MFA, conditional access, and lifecycle automation via SCIM.
- Develop and roll out phishing-resistant MFA for high-value accounts and critical access paths (e.g., FIDO2/WebAuthn, hardware keys, device-bound authenticators).
- Define and maintain RBAC/IAM patterns for enterprise applications (role models, groups, entitlements, JIT access, and approvals).
Implement zero trust for workforce and enterprise access
- Design and deploy controls that combine user identity, device posture, network context, and application sensitivity to enforce least-privilege access.
- Partner with Network and Infrastructure teams to integrate mTLS, service identity, and policy-based access into internal services and admin interfaces.
- Help transition from legacy perimeter models to zero trust netw