Staff+ Software Security Engineer

Details

About Anthropic

Anthropic’s mission is to create reliable, interpretable, and steerable AI systems. The team is a growing group of researchers, engineers, policy experts, and business leaders building beneficial AI systems.

About the Team

The Security Engineering team protects Anthropic's AI systems and maintains the trust of users and society. The team defines authentication architecture for training infrastructure, designs cryptographic foundations to protect model weights and training data, and drives the developer security program that shapes how engineers build and ship software. The team works across identity and secrets management, developer security and supply chain, infrastructure security, and secure frameworks.

Role overview

You will scope, design, and build complex security systems end-to-end, maintain them in production, and drive ambiguous technical challenges with minimal oversight. You will identify systematic risks through threat modeling and risk assessment and build controls and infrastructure to address them. The role includes mentoring engineers, contributing to hiring, and expanding security ownership across the organization.

Responsibilities

• Scope, design, and build complex security systems end to end and maintain them through production
• Identify systematic risks via threat modeling and risk assessment; design and implement mitigations
• Mentor engineers across the security team and broader engineering organization; contribute to hiring and security culture
• Enable other teams to build secure solutions by providing design guidance and expanding security ownership

Developer security and supply chain

• Build and advance the developer security program by embedding security into the SDLC and developer workflows
• Harden CI/CD pipelines against supply chain attacks through isolated build environments, signed attestations, dependency verification, and automated policy enforcement

Identity and secrets management

• Architect systems that protect sensitive assets including model weights, customer data, and training datasets
• Build and operate credential issuance, rotation, and workload authentication across multi-cloud environments

Infrastructure security

• Implement and maintain cloud security controls including IAM, network segmentation, VPC architecture, and encryption across multi-cloud and on-prem environments
• Contribute to cluster security controls including RBAC policies, namespace isolation, workload identity, and pod security
• Contribute to continuous cloud security posture management using infrastructure-as-code scanning, misconfiguration detection, and automated remediation

Secure frameworks

• Build security foundations including cryptographic frameworks, mTLS infrastructure, secure serialization, and authorization systems to prevent whole classes of vulnerabilities
• Partner with product, research, infrastructure, and other security teams to ensure smooth integration with lower-layer security controls

Requirements

• At least 8 years of software engineering experience with deep security expertise, including leading complex security initiatives independently
• Bachelor's degree in Computer Science or equivalent industry experience
• Strong programming skills in Python or at least one systems language such as Go, Rust, or C/C++
• Deep understanding of identity systems, cryptographic primitives, and secrets management
• Working knowledge of Kubernetes security primitives including RBAC, namespaces, network policies, and service accounts
• Experience leading cross-functional security initiatives and navigating complex organizational dynamics
• Outstanding communication skills; ability to translate technical concepts across all levels of the organization
• Track record of bringing clarity and ownership to ambiguous technical problems and driving them to resolution
• Low ego and high empathy; history of growing engineers and supporting diverse, inclusive teams
• Passion for AI safety and the role security engineering plays in building trustworthy AI systems

Preferred / Strong candidate experience

• Designed or operated identity and secrets management systems for large-scale AI or cloud infrastructure
• Built security frameworks or libraries adopted across an engineering organization
• Led a developer security program including supply chain security, secure build infrastructure, and SDLC integrations
• Built or secured CI infrastructure using Nix, Bazel, or Kubernetes-based deploy systems
• Implemented machine identity or workload authentication systems using SPIFFE/SPIRE, mTLS, or equivalent
• Understanding of Linux systems internals including namespaces, cgroups, and seccomp
• Contributed to security architecture of multi-cloud environments including network segmentation, data protection, and access governance
• Experience with network security controls including admission controllers, CNI-level policy, service mesh security, and east-west traffic enforcement
• Experience building runtime security monitoring using eBPF or kernel security policies

Compensation

The annual salary range for this role is:

• $405,000 - $485,000 USD

Logistics

• Education requirements: Bachelor's degree in a related field or equivalent experience
• Location-based hybrid policy: staff are expected to be in one of Anthropic's offices at least 25% of the time (some roles may require more time)
• Visa sponsorship: Anthropic states they do sponsor visas and will make reasonable efforts and retain an immigration lawyer to assist

Company & culture

Anthropic is a public benefit corporation headquartered in San Francisco. The company offers competitive compensation and benefits, optional equity donation matching, generous vacation and parental leave, flexible working hours, and offices for collaboration. They emphasize collaboration, communication, and high-impact AI research.