# Application Security Engineer

**Company:** [Anthropic](https://hotfix.jobs/companies/anthropic)
**Location:** San Francisco, CA, Seattle, WA, New York, NY
**Role:** Security Engineering
**Salary:** $300k – $405k/yr
**Experience:** 5+ years
**Skills:** Python, Rust, Go, Java, Kubernetes, Docker, AWS, GCP, Threat Modeling, Vulnerability Management
**Posted:** 2026-02-12

> Partners with engineers to embed security in AI product development through threat modeling, secure reviews, tooling, and vulnerability management. Requires 5+ years experience, programming proficiency, and offensive security mindset.

## Job Description

## Responsibilities
- Help secure AI products and internal tools introducing novel security risks
- Lead “shift left” security efforts in the software development lifecycle
- Conduct secure design reviews and threat modeling to identify risks
- Develop tooling for security code reviews and vulnerability remediation
- Manage vulnerability management program with data pipelines and prioritization
- Oversee bug bounty program, validate submissions, and coordinate remediation
- Collaborate with product engineers to instill security best practices
- Develop security policies, standards, playbooks, and conduct training

## You may be a good fit if you
- Have 5+ years of hands-on experience in application and infrastructure security, including cloud and containerized environments
- Strong proficiency in at least one programming language (e.g., Python, Rust, Go, Java)
- Lead with empathy and collaborate cross-functionally
- Leverage creative thinking to reduce risk through secure design
- Possess broad security knowledge across domains
- Distill complex concepts into clear actions
- Proactive mindset for threat modeling and secure code review
- Strong grasp of offensive security
- Experience with modern application stacks and security tools
- Balance security with business objectives

## Strong candidates may also
- Expertise securing cloud environments and microservices (Kubernetes, Docker, AWS/GCP)
- Exposure to offensive security (bug bounty, pen testing, red team)
- Familiarity with AI/ML security risks (prompt injection, data poisoning)
- Experience building security tools and automation
- Solid knowledge of software and security engineering principles
- Excellent communication skills
- Thrive in fast-paced environments

## Logistics
**Education requirements:** At least a Bachelor's degree in a related field or equivalent experience.

**Annual Salary:** $300,000—$405,000 USD

## Similar roles

- [Security Engineer, Detection & Response](https://hotfix.jobs/jobs/8fbbaee5-e02c-4617-8eba-262d886cda43) - Anthropic - San Francisco, CA - $300k – $405k/yr
- [Threat Collections Engineer](https://hotfix.jobs/jobs/c0c31e7e-6d1b-48ef-a06a-69c21286e94b) - Anthropic - San Francisco, CA - $300k – $320k/yr
- [Research Engineer – Cybersecurity RL](https://hotfix.jobs/jobs/75c8b1b1-6058-41b5-9cb0-b89086964f6f) - Anthropic - San Francisco, CA - $300k – $405k/yr
- [Researcher, Automated Red Teaming](https://hotfix.jobs/jobs/c8bad9d3-b859-4225-a74f-118514d784b4) - OpenAI - San Francisco, CA - $295k – $445k/yr
- [Security Engineer, Host Assurance](https://hotfix.jobs/jobs/b25f415d-5149-4104-a91a-384cc6f42e57) - OpenAI - San Francisco, CA - $293k – $385k/yr

**Apply:** https://hotfix.jobs/jobs/201cf91f-ce1c-4b0e-9865-4cb8d9294c00
**Canonical:** https://hotfix.jobs/jobs/201cf91f-ce1c-4b0e-9865-4cb8d9294c00