Security Assurance Engineering - Senior Security Production Engineer

Core Weave is The Essential Cloud for AI™. Built for pioneers by pioneers, Core Weave delivers a platform of technology, tools, and teams that enables innovators to build and scale AI with confidence. Trusted by leading AI labs, startups, and global enterprises, Core Weave combines superior infrastructure performance with deep technical expertise to accelerate breakthroughs and turn compute into capability. Founded in 2017, Core Weave became a publicly traded company (Nasdaq: CRWV) in March 2025.

Learn more at

As a Senior Security Production Engineer focused on Assurance Systems at Core Weave, you will design, build, and operate the production infrastructure that continuously validates the effectiveness of our security controls s role treats security assurance as first‑class engineering infrastructure, not a point‑in‑time compliance exercise.

This is a cutting edge software and production engineering role that applies modern reliability, automation, and systems design practices to security assurance. The work sits at the intersection of engineering systems and regulatory requirements, translating control intent into scalable, reliable, production‑grade infrastructure.

You will own the reliability, scalability, performance, and correctness of automated assurance systems that provide continuous visibility into control health, security posture, and risk signals across our cloud platforms and Kubernetes environments. Your work will power Core Weave’s ability to meet regulatory requirements without slowing the business or relying on manual evidence collection.

You will partner closely with GRC, platform engineering, and security domain teams to translate control intent into durable technical signals, while retaining full engineering ownership of how those systems are designed, built, and operated.

• Design and build scalable automation, including evidence enrichment, API services, control monitoring, remediation workflows, anomaly detection, and threshold enforcement to streamline and industrialize GRC.
• Engineer continuous, event‑driven compliance monitoring systems that replace manual, point‑in‑time processes.
• Establish the product assurance foundations needed to scale CCM toward agentic, autonomous GRC capabilities.
• Develop compliance‑as‑code and policy‑as‑code frameworks integrated into CI/CD pipelines and cloud‑native infrastructure.
• Build automated assurance pipelines to continuously collect, enrich, and monitor controls from distributed systems and cloud services.
• Develop control integrations and data pipelines to normalize security telemetry across IAM, logs, scanners, and CCM/GRC tools.
• Deliver automated trend analysis, alerting, and reporting for compliance drift, control failures, and security‑risk signals.
• Architect scalable monitoring, reporting, and control‑validation solution aligned to enterprise security strategies and regulatory frameworks.
• Build and deliver solutions that demonstrate continuous control effectiveness and security risk posture across the environment.
• Build metrics engines, dashboards, and insights pipelines that provide real‑time visibility into compliance health and emerging risks.

• You’ll tackle security & compliance puzzles at cutting‑edge scale and complexity.
• You’ll collaborate with brilliant engineers who are redefining compliance adherence for cloud infrastructure.
• You’ll have the freedom and responsibility to innovate, experiment, and influence how we establish assurance pipelines.

• A Bachelor’s degree in Information Security, Computer Science, or a related field or equivalent job experience.
• At least 7+ years of hands‑on experience in Linux ideally within the cloud services industry.
• At least 3+ years of hands‑on experience securing Kubernetes clusters in a production environment.
• Experience building automated control validation, compliance‑as‑code, or continuous monitoring systems.
• Strong understanding of security controls, threat models, and operational monitoring.
• Proven experience in a technical security or engineering…