Director, Cyber Security Operations

The Director of Cyber Security Operations at CoreWeave is responsible for managing daily operations of the CoreWeave security operations team and cyber suite of tools. In this role, the ideal candidate must deliver high quality, repeatable and sustainable cyber and reliability related support and outcomes to the Company's IT, Network and Engineering teams. They will also play a critical role in alerting on reporting deviations, tracking, and identifying errors/incident trends, and monitoring of CoreWeave network, infrastructure and endpoint assets to ensure the overall health and security of the CoreWeave ecosystem.

Responsibilities include:

• Lead the protection of CoreWeave's network boundaries, keeping computer systems and network devices hardened against potential attacks
• Work with network equipment and actively monitor our systems for attacks and intrusions
• Experience with infrastructure systems administration, and operations and maintenance server health checks; troubleshoot complex issues in a large network environment
• Design, build and maintain Cyber Threat Detection tooling
• Leverage knowledge of cyber threat tactics, techniques and procedures (TTPs) to inform the design of detection rules
• You use your experience to own and drive the resolution of complex security incidents, policy questions and technical security issues
• Actively lead and/or participate in incident investigations and cyber responses
• Partner with CoreWeave engineers to proactively identify and fix infrastructure security flaws and vulnerabilities
• Build and enhance the detection capabilities of Security Operations through the design, implementation, and ongoing tuning of detection rules
• Owning and operating CrowdStrike Falcon, including administration of the tool
• Administer additional cyber security tools within our suite
• Participate in new cyber product POCs, enhancements and deployments
• Ability to provide solutions to complex issues; handle multiple tasks in a fast-paced environment; set priorities; meet deadlines per project scope
• Demonstrated ability to present complex, technical information to both technical and non-technical audiences
• Executive presence demonstrated through: strong time management, communication, technical writing, presentations, and documentation skills
• Ability to work with minimal supervision, have attention to detail, and 100% follow-through on all work assignments
• Perform other work-related duties as assigned

Requirements:

8 -10 years of experience in:

• Building and managing a team of cyber security and engineering focused employees
• Hands-on experience managing security tools servers in a large environment, to include routine Linux and Windows patching and application patching/upgrades
• Expert experience deploying, tuning and maintaining Data Loss Prevention software
• Experience managing EDR tooling (e.g. Crowdstrike) and setting EDR, anti-virus policies, exclusions, dashboards, queries, reporting and analysis
• Experience with administration of email protection tooling
• Knowledge and experience with identification and remediation of CVEs within a large infrastructure deployment
• Experience managing/troubleshooting workstations/servers, local EDR, anti-virus software, log analysis, as it relates to security compliance
• Willingness to learn new technologies/toolsets as part of the job responsibilities

Preferred Skills:

Experience operating and maintaining enterprise level information security tools, proven experience in Systems Administration, including server & workstation troubleshooting, Knowledge and experience with cloud-based infrastructures, Knowledge of network concepts/protocols, Familiarity with Linux operating systems, Security+, Network+

The preferred candidate also has, experienced with or knowledge of the following skills & qualifications:

• Building/configuring Security incident and event management (SIEM) systems, intrusion defense system (IDS), intrusion prevention system (IPS), Firewall, Antivirus, Web Proxies, Authentication, Cryptography, Kubernetes, Linux server administration, and/or network administration
• Has any of the following certifications: Certified Intrusion analyst (GCIAs), GIAC Reverse Engineering Malware (GREM), GIAC Penetration Testing Certification (GPEN), GIAC Certified Enterprise Defender (GCED), Certified Geographic Information Systems Professional (GISP), GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), Cisco Certified Network Associate (CCNA), Certified Information Systems Auditor (CISA), Certified Ethical Hacker (CEH), GIAC Security Essentials Certification (GSEC), Offensive Security Certified Professional (OSCP), and/or Security Cisco Certified Networking Professional – Security (CCNP-Security)
• Familiarity with sending Requests for Proposals (RFPs) to gather information regarding installation of new cyber tooling to best protect the company
• Familiarity with contract negotiations with cyber security vendors
• Creating and presenting technical strategies and technical solution recommendations
• Designing and implementing technical solutions
• Integrating new technologies into existing technology portfolio
• Collaborating with cross-functional teams, including engineering

The Director of Cyber Security Operations works standard Eastern time zone business hours, with 24/7 on-call responsibilities. CoreWeave is a fast growth startup, and the selected candidate is willing to be flexible for when they are needed. There will be times where this person needs to be available outside of regular business hours to support critical issues or meetings.