# Staff+ Application Security Engineer

**Company:** [Anthropic](https://hotfix.jobs/companies/anthropic)
**Location:** San Francisco, CA, Seattle, WA, New York, NY
**Role:** Security Engineering
**Salary:** $320k – $485k/yr
**Experience:** 7+ years
**Skills:** Application Security, Threat Modeling, Python, Go, Rust, TypeScript, Cloud Security, Container Security, SAST, DAST, Bug Bounty, Vulnerability Management, LLMs, Security Automation
**Posted:** 2026-07-10

> Staff Application Security Engineer focused on M&A due diligence and secure integration of acquired codebases and systems at Anthropic. Lead security assessments, risk readouts, post-close remediation and automation using Claude, while contributing to core AppSec work. Requires 7+ years AppSec experience, rapid codebase assessment skills, and coding ability.

## Job Description

## Key Responsibilities
- Lead pre-close security due diligence on prospective acquisitions: coordinate external penetration testing, threat-model architecture, assess security controls, and deliver security risk readout for leadership.
- Drive post-close security integration: implement static/dynamic analysis, track remediation of high/critical issues, integrate into bug bounty, and onboard to automated vulnerability systems.
- Coordinate with adjacent security teams (supply chain, cloud, corporate, detection & response) on integration aspects.
- Work with diverse stakeholders including corporate development, legal, security leadership, internal engineering teams, and external counterparts at target companies; translate and keep security workstreams legible.
- Formalize and scale M&A security playbook (risk-scoring, runbooks, checklists) and automate with Claude-powered tooling.
- Participate in on-run rotation for bug bounty, launch consults, and incident response (with adjustments during active deals).
- Contribute to core AppSec projects between deals, including secure design reviews, threat modeling for agentic systems, and security automation.

## Minimum Qualifications
- Hands-on application and infrastructure security experience, including cloud and containerized environments.
- Ability to rapidly assess unfamiliar codebases or architectures and produce clear, prioritized risk assessments for non-security audiences.
- Production-quality coding in at least one of: Python, Go, Rust, or TypeScript.
- Practical threat-modeling and vulnerability identification skills with experience finding and reasoning about real bugs.
- Comfort with high autonomy, ambiguity, and confidential contexts.
- Clear written and verbal communication across executives, legal, corporate development, and engineering audiences.

## Preferred Qualifications
- 7+ years in application security, security consulting, or security architecture.
- Prior M&A security due diligence, third-party assessment, or technical due diligence experience.
- Experience standing up/scaling SAST/DAST, bug bounty, or vulnerability management across codebases.
- Track record building security automation/tooling.
- Familiarity using LLMs as core part of security workflow.
- Experience securing agentic, code-execution, or LLM-integrated systems.

## Minimum Education
Bachelor’s degree or equivalent combination of education, training, and/or experience in a relevant field.

## Similar roles

- [Staff Security Reliability Engineer](https://hotfix.jobs/jobs/626c14c3-6d35-433f-a4a1-7e4e17fa2b28) - OpenAI - San Francisco, CA - $293k – $385k/yr
- [Software Engineer, Security](https://hotfix.jobs/jobs/e6283f18-9abb-4d55-acf7-cc3220bb1636) - Notion - San Francisco, CA - $290k – $350k/yr
- [Member of Technical Staff, SecOps & Threat Detection Engineer](https://hotfix.jobs/jobs/39765d60-0022-4a70-9f23-866a5b6b63e5) - Envoy - San Francisco, CA - $265k – $310k/yr
- [Staff Software Engineer, Fraud](https://hotfix.jobs/jobs/aa86d79c-af69-4a6a-bdd8-8bd480bb43a9) - Replit - Foster City, CA - $250k – $315k/yr
- [Staff Software Engineer, Risk](https://hotfix.jobs/jobs/5cc2b135-9342-4987-9b19-269e001150fe) - Replit - Foster City, CA - $250k – $315k/yr

**Apply:** https://hotfix.jobs/jobs/176eddbe-ab46-4c6b-b459-b97404661b42
**Canonical:** https://hotfix.jobs/jobs/176eddbe-ab46-4c6b-b459-b97404661b42