CoreWeave is the AI Hyperscaler™, delivering a cloud platform of cutting edge services powering the next wave of AI. Our technology provides enterprises and leading AI labs with the most performant, efficient and resilient solutions for accelerated computing. Since 2017, CoreWeave has operated a growing footprint of data centers covering every region of the US and across Europe. CoreWeave was ranked as one of the TIME100 most influential companies of 2024.
As the leader in the industry, we thrive in an environment where adaptability and resilience are key. Our culture offers career-defining opportunities for those who excel amid change and challenge. If you’re someone who thrives in a dynamic environment, enjoys solving complex problems, and is eager to make a significant impact, CoreWeave is the place for you. Join us, and be part of a team solving some of the most exciting challenges in the industry.
CoreWeave powers the creation and delivery of the intelligence that drives innovation.
About the Role:
We are seeking a highly skilled and driven Director of Governance, Risk, and Compliance to join our Security team. You will lead a high-functioning GRC team, reporting to the Chief Information Security Officer and focus on the overall strategic direction of GRC. Additionally, you will act as the external representative for CoreWeave’s privacy, regulatory, risk, and governance programs.
Responsibilities:
- Develop and drive the overall Governance, Risk, and Compliance program strategy in alignment with CoreWeave’s goals.
- Own the regulatory and compliance maturity roadmap to support scaling requirements and new business opportunities.
- Act as the representative of GRC programs in executive leadership discussions.
- Report program KPIs and KRIs to executive leadership.
- Advise C-level executives on new and ongoing risks, mitigation strategies, and regulatory compliance requirements.
- Oversee budgets for GRC initiatives and ensure program resources are utilized properly.
- Build and maintain partnerships with industry resources to stay ahead of evolving compliance trends.
- Be the eyes and ears of CoreWeave related to new and upcoming regulatory, compliance, and customer requirement changes that may impact CoreWeave’s business strategies.
- Direct the approach for tackling newly scoped regulatory/compliance initiatives aligned to business scaling requirements (i.e., PCI, DORA, NIS2, etc.).
- Drive operational changes and raise awareness to ensure employees are equipped with the necessary governance and risk knowledge needed to maintain compliant.
- Support legal with high-impact tasks such as regulatory reporting, external due diligence inquiries, sub-processor notices, etc.
- Direct GRC department on handling international regulatory and compliance initiatives to ensure operations remain compliant globally.
- Own the external auditor and external resource recommendations and selection process.
- Prepare CISO with regulatory, risk, and compliance updates to communicate to the Board of Directors.
- Assist with the relationship management of external auditors and own the external auditor selection process.
- Act as an escalation point for the GRC program to assist with stakeholder management when necessary.
Required Skills:
- Minimum of 10 years work experience in IT, Security Compliance or Audit function, preferably in the cloud service provider industry
- Educational Qualification: Bachelor's in Information Security, Computer Science, or related degree; Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) Certification or equivalent
- Experience building and maintaining a governance, risk, and compliance program at scale
- Experience conducting end-to-end control framework assessments; documenting control effectiveness, gaps, remediation requirements and/or maturity recommendations
- Ability to drive a team of managers and analysts to focus on prioritizing and delivering high-quality work with external/internal audit, customers and investors with attention to details
- Experience working directly with external auditors, regulators and government officials on security assessments and due diligence
- Ability to assess risks and distinguish critical or high impacting security areas within CoreWeave’s environment and drive appropriate remediations across multiple teams when necessary.
- Knowledge and experience of a cloud infrastructure environment and what applicable security controls should be in place
- Drive both technical and non-technical conversations related to security controls with executive leaders and team members across every business team at CoreWeave
- Ability to identify, assess and plan for upcoming regulatory changes, customer requirements and due diligence trends ahead of when they may be required and build a corresponding action plan to address any requirements
- Strong technical background and experience with cyber tooling
- Expert knowledge of regulatory and compliance requirements, such as: SOX, SOC 2, ISO 27001:2022, ISO 27701, NIST 800-53, NIST CSF, PCI DSS, FedRAMP, GDPR, UK Cyber Essentials, HIPAA, etc.
- Deep experience on strategy and execution of collaborating with cross-functional teams, including engineering, infrastructure, security, etc
- Excellent knowledge and execution of reporting procedures to executives and board members on the state internal governance, risk and compliance
The Director of Governance, Risk, and Compliance team works standard business hours and may be required to perform job duties outside of normal business hours as needed, aligned to job duties.
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $180,000-$220,000. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience.
What We Offer
The range we’ve posted represents the typical compensation range for this role. To determine actual compensation, we review the market rate for each candidate which can include a variety of factors. These include qualifications, experience, interview performance, and location.
In addition to a competitive salary, we offer a variety of benefits to support your needs, including:
- Medical, dental, and vision insurance - 100% paid for by CoreWeave
- Company-paid Life Insurance
- Voluntary supplemental life insurance
- Short and long-term disability insurance
- Flexible Spending Account
- Health Savings Account
- Tuition Reimbursement
- Mental Wellness Benefits through Spring Health
- Family-Forming support provided by Carrot
- Paid Parental Leave
- Flexible, full-service childcare support with Kinside
- 401(k) with a generous employer match
- Flexible PTO
- Catered lunch each day in our office and data center locations
- A casual work environment
- A work culture focused on innovative disruption
Our Workplace
At CoreWeave, we are committed to operating as a hybrid workplace, offering employees flexibility in how they structure their time between in-office and remote work. We recognize the significance of fostering connections, collaboration, and creativity within our office culture and its positive impact on our business. Our philosophy operating as a hybrid workplace underscores our dedication to enabling employees to tailor work-life balance to their individual preferences.
For those who do not live within 30 miles of one of our offices, we are open to considering remote work for candidates whose skills and experience strongly align with the role. While we prioritize a hybrid work environment for most roles, we understand the importance of flexibility and are open to remote work for specific positions and specialized skill sets. Onboarding is essential to your success. New employees not based out of an office will be invited to attend onboarding training at one of our hubs within their first month of employment. We continue to foster a collaborative environment by bringing teams together quarterly.
California Consumer Privacy Act - California applicants only
CoreWeave is an equal opportunity employer, committed to fostering an inclusive and supportive workplace. All qualified applicants and candidates will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information.
As part of this commitment and consistent with the Americans with Disabilities Act (ADA), CoreWeave will ensure that qualified applicants and candidates with disabilities are provided reasonable accommodations for the hiring process, unless such accommodation would cause an undue hardship. If reasonable accommodation is needed, please contact: [email protected].
What the Team is Saying
What We Do
CoreWeave, the AI Hyperscaler™, delivers a cloud platform of cutting-edge software powering the next wave of AI. The company's technology provides enterprises and leading AI labs with cloud solutions for accelerated computing. Since 2017, CoreWeave has operated a growing footprint of data centers across the US and Europe. CoreWeave was ranked as one of the TIME100 most influential companies and featured on Forbes Cloud 100 ranking in 2024. Learn more at www.coreweave.com.
Why Work With Us
At CoreWeave we work hard, have fun and move fast! Today we are a small, growing team of intelligent, genuine people, that value different perspectives and approaches to solving complex problems. We foster an environment that champions collaboration and prioritizes innovative solutions. Here, you are surrounded by the best.
Gallery
.jpg)
CoreWeave Offices
Hybrid Workspace
Employees engage in a combination of remote and on-site work.
