Senior Security Engineer, Enterprise Security

Core Weave is The Essential Cloud for AI™. Built for pioneers by pioneers, Core Weave delivers a platform of technology, tools, and teams that enables innovators to build and scale AI with confidence. Trusted by leading AI labs, startups, and global enterprises, Core Weave combines superior infrastructure performance with deep technical expertise to accelerate breakthroughs and turn compute into capability. Founded in 2017, Core Weave became a publicly traded company (Nasdaq: CRWV) in March 2025.

Learn more at

The Enterprise Security team at Core Weave is responsible for securing how our people work every day—identity, endpoints, networks, and SaaS—so the company can move fast without compromising safety. This team owns the controls, guardrails, and automation that keep our workforce, contractors, and critical business applications protected in a modern, cloud-native environment. If you’re excited about zero trust, phishing-resistant MFA, and building secure‑by‑default experiences that actually make people more productive, this is the team to join.

As a Senior Security Engineer, Enterprise Security, you’ll design and ship the security controls that underpin Core Weave’s workforce and enterprise stack. You’ll lead initiatives across identity, access management, device and endpoint security, and SaaS security—partnering closely with IT Engineering, Endpoint, Network, and other security teams. Your day‑to‑day will blend hands‑on engineering (writing code, building integrations, tuning controls) with architecture and program ownership (setting standards, defining patterns, and driving adoption across teams).

You’ll be responsible for turning high‑level objectives—like “implement zero trust for workforce access” or “deploy phishing‑resistant MFA at scale”—into concrete designs, automation, and measurable risk reduction.

• Design, implement, and operate workforce identity solutions (e.g., Okta/Entra and other IdPs) including SSO, MFA, conditional access, and lifecycle automation via SCIM.
• Develop and roll out phishing‑resistant MFA for high‑value accounts and critical access paths (e.g., FIDO2/Web Authn, hardware keys, device‑bound authenticators).
• Define and maintain RBAC/IAM patterns for enterprise applications (role models, groups, entitlements, JIT access, and approvals).

• Design and deploy controls that combine user identity, device posture, network context, and application sensitivity to enforce least‑privilege access.
• Partner with Network and Infrastructure teams to integrate mTLS, service identity, and policy‑based access into internal services and admin interfaces.
• Help transition from legacy perimeter models to zero trust network access (ZTNA) patterns for employees, contractors, and third parties.

• Evaluate, onboard, and harden SaaS applications (Google Workspace, Microsoft 365, Slack, HRIS, ticketing, and other business apps) to align with enterprise security policies.
• Implement and tune controls such as SCIM provisioning, data access policies, DLP, sharing controls, and audit logging across the SaaS estate.
• Partner with business and IT owners to ensure new SaaS applications meet baseline security standards before adoption.

• Collaborate with Endpoint/IT teams to define and enforce baseline configurations for laptops, workstations, and other managed devices via MDM and EDR.
• Design secure patterns for contractor and vendor access, including device requirements, identity separation, and time‑bound access.
• Support investigations and incident response related to identity, endpoint, and SaaS domains.

• Build automation and self‑service experiences for access requests, approvals, access reviews, and break‑glass workflows.
• Develop integrations between IdPs, HRIS, ticketing, and other systems to minimize manual toil and reduce identity‑related error rates.
• Define and instrument metrics for enterprise security (e.g., MFA coverage, zero trust policy enforcement,…