Senior Software Security Engineer at Anthropic

Hybrid - San Francisco, CA

Apply
More jobs at Anthropic

The Security Engineering team at Anthropic protects AI systems and maintains user trust. This role focuses on identity and secrets management, cloud security controls, secure development frameworks, and pipeline hardening across multi-cloud and on‑prem environments, while contributing to continuous security posture management. The team values ownership, clear communication, and a passion for AI safety.

Salary

USD 320,000 - 405,000

Requirements

Skills

  • At least 5 years of software engineering experience implementing and maintaining security-relevant systems in production
  • Bachelor's degree in Computer Science or equivalent industry experience
  • Strong programming skills in Python or at least one systems language such as Go or Rust
  • Experience contributing to cloud security controls
  • A track record of taking ownership of problems end to end, from identifying the issue to shipping and monitoring the fix
  • Clear communication skills and the ability to work collaboratively across engineering teams
  • Low ego and high empathy, with a genuine interest in helping teammates succeed
  • Passion for AI safety and the role security engineering plays in building trustworthy AI systems
  • Contributions to developer security tooling including SAST, dependency scanning, or secure build infrastructure
  • Familiarity with Kubernetes security primitives including RBAC, namespaces, network policies, and admission controllers
  • Experience with cloud security posture management tooling, infrastructure-as-code security scanning, or automated remediation
  • Experience with network security and isolation techniques including east-west controls, traffic inspection, and cloud network policy
  • Experience with eBPF for security monitoring and enforcement, or developing kernel security policies
  • Experience building secrets management or workload authentication systems, including familiarity with protocols such as OAuth 2.0, OIDC, SAML, or SPIFFE/SPIRE
  • Background building or operating security systems in environments that support research workflows and rapid iteration

Responsibilities

  • Build and maintain identity and secrets management systems, including credential issuance, rotation, and workload authentication across our multi-cloud environments
  • Contribute to cluster security controls including RBAC policies, namespace isolation, workload identity, and pod security
  • Implement and maintain cloud security controls including IAM, network segmentation, VPC architecture, and encryption across our multi-cloud and on-prem environments
  • Design and implement secure development frameworks and libraries that make secure coding the path of least resistance for our engineering teams, including service to service authentication, serialization libraries, and tool proxies
  • Harden CI/CD pipelines against supply chain attacks through isolated build environments, signed attestations, dependency verification, and automated policy enforcement
  • Identify and remediate security gaps through code review, threat modeling, and hands‑on debugging
  • Contribute to continuous cloud security posture management using infrastructure-as-code scanning, misconfiguration detection, and automated remediation

Technologies

PythonGoRustKubernetesOAuth 2.0OIDCSAMLSPIFFE/SPIREeBPFCI/CDIAMVPCNetwork segmentationInfrastructure-as-codeSecurity scanningThreat modeling

See if your resume is ready for this job

See how our AI can optimize your resume and improve your chances for this role.