Staff AI Security Engineer
About the role
The Staff AI Security Engineer will define and operationalize security across CoreWeave’s AI ecosystem. This role sits at the intersection of AI/ML, cloud infrastructure, and security engineering.
Responsibilities
Design and implement security controls across AI/ML infrastructure, including model artifact storage, data lineage and integrity, model signing and provenance, and ML pipeline security (MLOps/MLSecOps)
Develop AI security policies, standards, and threat models covering model development, training pipelines, data ingestion, inference environments, and agentic systems
Build security guardrails for agentic workflows: tool access and permissioning, input/output validation, execution boundaries, sandboxing, and auditability of agent actions
Lead secure adoption of AI tools across engineering, security, operations, and enterprise functions. Evaluate AI vendors, copilots, and integrations. Define policies for data sharing, model usage boundaries, and sensitive data handling in prompts and outputs
Partner with enterprise security and IT on AI-related risks across the corporate environment, including endpoint posture, corporate identity, and SaaS security for AI-enabled platforms
Conduct threat modeling and adversarial testing of AI systems, covering prompt injection, data poisoning, model extraction, and backdoored models. Build and maintain a CoreWeave-specific AI threat taxonomy
Drive cross-team technical decisions and influence architecture across platform engineering, security engineering, ML/AI teams, and product/DevEx to embed security into AI platforms and developer tooling
Requirements
- 10+ years of experience in security engineering (cloud, application, or infrastructure)
- Experience with AI/ML systems: LLMs, training pipelines, inference systems, or MLOps
- Strong, demonstrable experience building and securing large-scale distributed systems
- Strong coding skills in Go, Python, or similar
- Familiarity with Kubernetes, containerized environments, and cloud platforms (AWS, GCP, Azure)
- Understanding of AI-specific threats: prompt injection, data leakage, model misuse, supply chain risks in models and datasets
- Track record of driving cross-team technical initiatives and influencing architecture decisions at the org level
Preferred Experience
- Building or securing LLM-based systems, agent frameworks (LangChain, etc.), or AI-powered internal tools
- Background in adversarial ML or red teaming AI systems
- Experience with secure model deployment pipelines or confidential computing / secure enclaves
- Familiarity with identity and access control systems
- Experience in high-performance or GPU-centric environments
Qualifications
- Minimum Qualifications: 10+ years of experience in security engineering (cloud, application, or infrastructure); 10+ years of experience in security engineering (cloud, application, or infrastructure); Strong, demonstrable experience building and securing large-scale distributed systems; Strong coding skills in Go, Python, or similar; Familiarity with Kubernetes, containerized environments, and cloud platforms (AWS, GCP, Azure); Understanding of AI-specific threats: prompt injection, data leakage, model misuse, supply chain risks in models and datasets; Track record of driving cross-team technical initiatives and influencing architecture decisions at the org level
- Preferred Experience: Building or securing LLM-based systems, agent frameworks (LangChain, etc.), or AI-powered internal tools; Background in adversarial ML or red teaming AI systems; Experience with secure model deployment pipelines or confidential computing / secure enclaves; Familiarity with identity and access control systems; Experience in high-performance or GPU-centric environments