Skip to content
AnthropicAnthropicSan Francisco, CA

Threat Collections Engineer

Builds threat detection infrastructure, data pipelines, and tooling for threat intelligence team. Requires strong Python/SQL skills, experience with orchestration tools, YARA rules, and external API integrations.

300k – 320k/yr
HybridSecurity Engineering

About the role

Responsibilities

  • Build automated detection systems using disparate signals to identify abusive behavior.
  • Take systems from idea to proof-of-concept to production-grade with monitoring, documentation, and maintenance.
  • Develop and maintain YARA rule infrastructure, including tools for writing, validating, and testing rules.
  • Create integrations with external threat intelligence platforms (e.g. VirusTotal, Censys, Urlscan) via MCP servers.
  • Build data pipelines ingesting intelligence from RSS feeds, CTI news, and partners, using Claude for TTP extraction and hunting queries.
  • Develop behavioral analytics using DBT-based frameworks and searchable audit logging.
  • Establish feedback loops with investigators to tune detections and reduce false positives.
  • Scrape and normalize data from external sources for threat detection workflows.

You may be a good fit if you:

  • Strong coding proficiency in Python and SQL for detection logic, data pipelines, and automation.
  • Experience with data pipeline orchestration tools (Airflow, DBT, or similar).
  • Familiarity with threat intelligence concepts including IOCs, YARA rules, and threat correlation.
  • Experience integrating external APIs and building data ingestion systems.
  • Can translate investigator needs into technical requirements.
  • Comfortable building v0 systems and iterating on feedback.
  • Strong communication skills for non-engineering stakeholders.

Strong candidates may also have:

  • Experience with threat intelligence sharing frameworks (MISP, STIX/TAXII).
  • Background in cyber threat intelligence, security operations, or abuse detection.
  • Experience building MCP servers or similar AI tool integrations.
  • Familiarity with web scraping and data extraction at scale.
  • Experience with behavioral analytics or anomaly detection.
  • Understanding of LLM capabilities for automation.
  • Top Secret Clearance.

Annual Salary: $300,000—$320,000 USD

Skills

PythonSQLYaradbtAirflowVirustotalCensysUrlscanMispStix/Taxii
Anthropic

Security Engineer, Detection & Response

AnthropicSan Francisco, CA +3

Lead detection and response engineering efforts, building tooling and processes to monitor threats, investigate incidents, and coordinate responses across Anthropic's technology stack. Requires 5+ years in detection engineering, incident response, or threat hunting.

300k – 405k/yr
Hybrid5+ YOESecurity Engineering
Anthropic

Research Engineer – Cybersecurity RL

AnthropicSan Francisco, CA +1

Research Engineer on Cybersecurity RL team advances AI models in secure coding, vulnerability remediation, and defensive cybersecurity using RL techniques. Requires cybersecurity expertise, ML experience, and strong engineering skills.

300k – 405k/yr
HybridSecurity Engineering
Anthropic

Application Security Engineer

AnthropicSan Francisco, CA +2

Partners with engineers to embed security in AI product development through threat modeling, secure reviews, tooling, and vulnerability management. Requires 5+ years experience, programming proficiency, and offensive security mindset.

300k – 405k/yr
Hybrid5+ YOESecurity Engineering
OpenAI

Researcher, Automated Red Teaming

OpenAISan Francisco, CA +1

Leads automated red teaming efforts to discover failure modes in frontier AI models, focusing on cyber, bio, and loss-of-control risks. Builds scalable systems and partners across teams to implement mitigations reducing catastrophic harm.

295k – 445k/yr
On-siteSecurity Engineering
OpenAI

Security Engineer, Host Assurance

OpenAISan Francisco, CA +1

Builds and operates Host Assurance platform to establish trust in bare-metal hosts for OpenAI's global infrastructure. Requires strong software engineering, deep expertise in PKI/HSM/cryptography/secure boot/host attestation, and ability to work across hardware-software boundaries at scale.

293k – 385k/yr
HybridSecurity Engineering