Skip to content
AnthropicAnthropicSan Francisco, CA

Staff+ Software Security Engineer

Designs and builds complex security systems for AI infrastructure, focusing on identity management, developer security, cloud controls, and cryptographic frameworks. Requires 8+ years experience, strong Python/systems programming, and Kubernetes security expertise.

405k – 485k/yr
Hybrid8+ YOESecurity Engineering

About the role

About the Team

The Security Engineering team protects Anthropic's AI systems and maintains trust. Areas include identity and secrets management, developer security and supply chain, infrastructure security, and secure frameworks. You will own one or two areas and contribute to others.

About the Role

  • Scope, design, and build complex security systems end to end, maintaining them through production and driving through ambiguous technical challenges with minimal oversight
  • Identify systematic risks through threat modeling and risk assessment, then build the controls and infrastructure that address them
  • Mentor engineers across the security team and broader engineering organization, contribute to hiring, and grow security engineering culture
  • Enable other teams to build their own security solutions by providing design pattern guidance and expanding security ownership

Developer security and supply chain

  • Build and advance developer security program by embedding security practices into SDLC and developer workflows
  • Harden CI/CD pipelines against supply chain attacks through isolated build environments, signed attestations, dependency verification, and automated policy enforcement

Identity and secrets management

  • Architect systems that protect sensitive assets including model weights, customer data, and training datasets
  • Build and operate credential issuance, rotation, and workload authentication across multi-cloud environments

Infrastructure security

  • Implement and maintain cloud security controls including IAM, network segmentation, VPC architecture, and encryption across multi-cloud and on-prem environments
  • Contribute to cluster security controls including RBAC policies, namespace isolation, workload identity, and pod security
  • Contribute to continuous cloud security posture management using infrastructure-as-code scanning, misconfiguration detection, and automated remediation

Secure frameworks

  • Build critical security foundations including cryptographic frameworks, mTLS infrastructure, secure serialization, and authorization systems
  • Partner with product, research, infrastructure, and other security teams to ensure frameworks integrate smoothly

You may be a good fit if you have:

  • At least 8 years of software engineering experience with deep security expertise, including leading complex security initiatives independently
  • Bachelor's degree in Computer Science or equivalent industry experience
  • Strong programming skills in Python or at least one systems language such as Go, Rust, or C/C++
  • Deep understanding of identity systems, cryptographic primitives, and secrets management
  • Working knowledge of Kubernetes security primitives including RBAC, namespaces, network policies, and service accounts
  • Experience leading cross-functional security initiatives and navigating complex organizational dynamics
  • Outstanding communication skills, translating technical concepts effectively across all levels of the organization
  • A track record of bringing clarity and ownership to ambiguous technical problems and driving them to resolution
  • Low ego and high empathy, with a history of growing the engineers around you and supporting diverse, inclusive teams
  • Passion for AI safety and the role security engineering plays in building trustworthy AI systems

Strong candidates may also have:

  • Designed or operated identity and secrets management systems for large-scale AI or cloud infrastructure
  • Built security frameworks or libraries adopted across an engineering organization
  • Led a developer security program including supply chain security, secure build infrastructure, and SDLC integrations
  • Built or secured CI infrastructure using Nix, Bazel, or Kubernetes-based deploy systems
  • Implemented machine identity or workload authentication systems using SPIFFE/SPIRE, mTLS, or equivalent
  • Understanding of Linux systems internals including namespaces, cgroups, and seccomp
  • Contributed to the security architecture of multi-cloud environments including network segmentation, data protection, and access governance
  • Experience with network security controls including admission controllers, CNI-level policy, service mesh security, and east-west traffic enforcement
  • Experience building runtime security monitoring using eBPF or kernel security policies

Skills

PythonGoRustKubernetesIAMRBACMtlsSpiffeEbpfCI/CD
Anthropic

Staff+ Software Engineer, GRC Platform

AnthropicSan Francisco, CA +2

Build the GRC platform at Anthropic by designing data pipelines, integrations, and agentic LLM workflows that automate compliance evidence collection, policy-as-code, and real-time risk reporting across cloud, identity, HR, and CI/CD systems.

405k – 405k/yr
Hybrid8+ YOESecurity Engineering
Anthropic

Staff+ Security Engineer, Risk Engineering

AnthropicSan Francisco, CA +2

Lead complex security risk initiatives end-to-end, building AI-native risk quantification and automation platforms. Requires 8+ years in software or security engineering with deep expertise across security domains and strong programming skills.

405k – 405k/yr
Hybrid8+ YOESecurity Engineering
Anthropic

Staff+ Software Engineer, Privacy

AnthropicSan Francisco, CA +2

Designs and implements privacy-preserving architectures for AI systems, builds privacy infrastructure, and leads threat modeling to protect user data at scale. Requires deep privacy engineering expertise, production systems experience in Python/Go, and familiarity with regulations like GDPR/CCPA.

405k – 625k/yr
Hybrid15+ YOESecurity Engineering
Anthropic

Staff+ Application Security Engineer

AnthropicSan Francisco, CA +2

Staff Application Security Engineer focused on M&A due diligence and secure integration of acquired codebases and systems at Anthropic. Lead security assessments, risk readouts, post-close remediation and automation using Claude, while contributing to core AppSec work. Requires 7+ years AppSec experience, rapid codebase assessment skills, and coding ability.

320k – 485k/yr
Hybrid7+ YOESecurity Engineering
OpenAI

Staff Security Reliability Engineer

OpenAISan Francisco, CA

Senior technical owner designing, building, and operating secure, reliable infrastructure-as-code platforms for identity, access, and shared services. Requires 10+ years of hands-on SRE experience in high-reliability on-prem/hybrid environments.

293k – 385k/yr
Hybrid10+ YOESecurity Engineering