Senior Security Operations Engineer II

About the role

We are seeking a highly skilled Security Operations Engineer II specializing in security event triaging and incident response to join our 24x7 Security Operations team based in our Warsaw, Poland office. In this role, you will lead initial triaging, escalation and incident response efforts, and contribute to the improvement of our detection and response capabilities. In this role, you will: Be part of a 24/7/365 SOC, that includes a rotating on-call schedule for overnights/weekends, ensuring compliance with local Polish labor regulations regarding shift work and on-call periods. Investigate security incidents, including creating detections (detections-as-code), analysis, containment, and remediation, ensuring rapid response to potential threats across Linux, MacOS, and Kubernetes environments. Utilize and query SIEM, EDR, and other security tooling to detect, investigate, and respond to suspicious activity in real-time. Conduct post-incident reviews, providing insights and recommendations for improving security defenses across engineering, operations and security teams. Work closely with threat intelligence & detection engineering teams to identify emerging threats and ensure the incident response team is prepared to defend against them. Serve as the technical lead for SOC response workflows, guiding junior engineers through investigations, coordinating cross-functional incident handling, and improving the tooling, automation, and processes that scale security operations. Stay up-to-date with industry best practices, threat landscape trends, and relevant technologies to continually improve the organization's incident response capabilities.

Requirements

• Degree in Computer Science, Computer Engineering, Cyber Security, Information Technology or similar experience.
• 5+ years of experience in forensics, incident response, or security operations, or related fields.
• Strong experience with Linux and MacOS systems, including deep knowledge of system internals, logging, and forensic artifacts.
• Experience with Kubernetes and familiarity with securing containerized environments.
• Experience with modern security tools and platforms such as SIEM, EDR, IDS/IPS, and firewalls.
• Strong understanding of network protocols, firewalls, VPNs, proxies, and other security technologies.
• Strong analytical skills with the ability to handle and interpret large amounts of data, and the ability to translate these into actionable insights.
• Excellent communication and collaboration skills, with the ability to work effectively in high-pressure situations.
• You've worked at a cloud provider or hyperscaler and understand the scale and complexity.
• You're familiar with Security Operations at scale to defend and protect an enterprise.
• You've had experience leading security analysts in their day-to-day duties.
• Why CoreWeave?
• Be Curious at Your Core
• Act Like an Owner
• Empower Employees
• Deliver Best-in-Class Client Experiences
• Achieve More Together

Benefits

Additional Information

CoreWeave is The Essential Cloud for AI™. Built for pioneers by pioneers, CoreWeave delivers a platform of technology, tools, and teams that enables innovators to build and scale AI with confidence. Trusted by leading AI labs, startups, and global enterprises, CoreWeave combines superior infrastructure performance with deep technical expertise to accelerate breakthroughs and turn compute into capability. Founded in 2017, CoreWeave became a publicly traded company (Nasdaq: CRWV) in March 2025. Learn more at www.coreweave.com . We're proud to be a Living Wage accredited Employer.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at coreweaveu? Share your experience