# Platform Security Engineering - OpenBMC

**Company:** [Anthropic](https://hotfix.jobs/companies/anthropic)
**Location:** San Francisco, CA, New York, NY, Seattle, WA
**Role:** Security Engineering
**Salary:** $405k – $405k/yr
**Experience:** 8+ years
**Skills:** Openbmc, C, C++, Python, Yocto, Openembedded, Linux, U-Boot, D-Bus, Sdbusplus, Mctp, Pldm, Spdm, Redfish, Rde
**Posted:** 2026-06-19

> Founding engineer building and securing OpenBMC firmware for x86/Arm server fleets. Own production firmware, manageability features, and security hardening including secure boot, attestation, and threat modeling.

## Job Description

## What You'll Do

### Production and manageability:
- Design, build, and ship OpenBMC firmware and manageability features for x86 and Arm (including GPU) platforms, from bring-up through production, using Yocto/OpenEmbedded
- Build the management stack on DMTF/OCP standards (MCTP, PLDM, SPDM, Redfish, RDE) and IPMI/KCS: sensors, telemetry, inventory, logging, RAS
- Implement BMC-to-BIOS/host communications, eSPI/LPC, thermal/fan/power management (PMBus)
- Work the hardware/firmware boundary: I2C/I3C, SPI, PCIe, SMBus, device trees, U-Boot, Linux

### Security and hardening:
- Own the BMC security posture: secure and measured boot, root of trust, attestation (SPDM), authenticated update (PLDM FW Update), rollback protection, attack-surface reduction
- Lead threat modeling and secure design reviews; run coordinated vulnerability disclosure with vendors and the upstream community
- Build verification tooling: static analysis, fuzzing, firmware extraction, CI gating

## Who You Are
- 8+ years of experience in systems security, with at least 5 years focused on firmware and hardware security (firmware, bootloaders, and OS-level security)
- Strong technical cross-functional leadership skills, direction setting
- Hands-on OpenBMC/BMC firmware experience on x86 and/or Arm, from bring-up through production with hands-on D-Bus/sdbusplus
- Strong C/C++ and Python, deep Linux user-space/kernel fundamentals, and Yocto/OpenEmbedded proficiency
- A security mindset applied to firmware, not bolted on afterward
- Upstream contributions to OpenBMC, U-Boot, DMTF, or OCP
- Working knowledge of out-of-band and in-band management, the relevant DMTF specs, and the device interfaces they run over
- Strong debugging and a track record of shipping reliable, well-tested code
- Clear communication across internal teams and external vendors
- Ability to work effectively across hardware and software boundaries
- Knowledge of NIST firmware security guidelines and hardware security frameworks, specifically SP 800-193 and 800-147/155

## Strong candidates may also have
- Hardware roots of trust and attestation: Caliptra, OCP S.A.F.E., TPM/HRoT, SPDM
- Memory-safe systems code in Rust or Zig
- Firmware vulnerability research, reverse-engineering, or fuzzing
- Previous work with AI/ML infrastructure security

## Logistics
- Minimum education: Bachelor’s degree or an equivalent combination of education, training, and/or experience
- Required field of study: A field relevant to the role as demonstrated through coursework, training, or professional experience
- Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices.
- Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this.

## Similar roles

- [Software Security Engineering Manager, Secure Frameworks](https://hotfix.jobs/jobs/26e1ecde-76c2-491f-951c-78e9c075c076) - Anthropic - San Francisco, CA - $405k – $485k/yr
- [Platform Hardware Security Engineer](https://hotfix.jobs/jobs/d17b3dee-b5c8-4219-9539-bccc7555d114) - Anthropic - San Francisco, CA - $405k – $405k/yr
- [Threat Intel Manager, Model Exploitation & Fraud](https://hotfix.jobs/jobs/79d8fde6-0685-49ba-a205-ccfc9900c039) - Anthropic - San Francisco, CA - $375k – $455k/yr
- [Threat Intel Manager, CBRN-E & Advanced Weapons](https://hotfix.jobs/jobs/fefd59f1-15ca-432c-a3a8-4f81dbdb8b0a) - Anthropic - San Francisco, CA - $375k – $455k/yr
- [Global Detection and Response Lead](https://hotfix.jobs/jobs/6d9a0a44-c862-4405-b033-2bdc3b6f9d67) - OpenAI - San Francisco, CA - $347k – $490k/yr

**Apply:** https://hotfix.jobs/jobs/5da17ebb-9a68-4910-acce-fa4601b4fa14
**Canonical:** https://hotfix.jobs/jobs/5da17ebb-9a68-4910-acce-fa4601b4fa14