Anthropic is building a founding team to own the OpenBMC‑based management firmware that runs across its server fleet. The role focuses on designing, building, and shipping production firmware and manageability features for x86 and Arm platforms, while hardening that firmware against sophisticated adversaries. Responsibilities include firmware development, standards implementation, hardware‑firmware integration, secure boot, attestation, threat modeling, and building verification tooling.
Platform Security Engineer, OpenBMC en Anthropic
Híbrido - San Francisco, CA; New York City, NY; Seattle, WA
Más vacantes en AnthropicSalary
USD 405,000 - 405,000
Requirements
Skills
- Strong technical cross-functional leadership skills, direction setting
- Hands‑on OpenBMC/BMC firmware experience on x86 and/or Arm, from bring‑up through production with hands‑on D‑Bus/sdbusplus
- Strong C/C++ and Python, deep Linux user‑space/kernel fundamentals, and Yocto/OpenEmbedded proficiency
- A security mindset applied to firmware, not bolted on afterward
- Upstream contributions to OpenBMC, U‑Boot, DMTF, or OCP
- Working knowledge of out‑of‑band and in‑band management, the relevant DMTF specs, and the device interfaces they run over
- Strong debugging and a track record of shipping reliable, well‑tested code
- Clear communication across internal teams and external vendors
- Ability to work effectively across hardware and software boundaries
- Knowledge of NIST firmware security guidelines and hardware security frameworks, specifically SP 800‑193 and 800‑147/155
- 8+ years of experience in systems security, with at least 5 years focused on firmware and hardware security (firmware, bootloaders, and OS‑level security)
- Hardware roots of trust and attestation: Caliptra, OCP S.A.F.E., TPM/HRoT, SPDM
- Memory‑safe systems code in Rust or Zig
- Firmware vulnerability research, reverse‑engineering, or fuzzing
- Previous work with AI/ML infrastructure security
Responsibilities
- Design, build, and ship OpenBMC firmware and manageability features for x86 and Arm (including GPU) platforms, from bring‑up through production, using Yocto/OpenEmbedded
- Build the management stack on DMTF/OCP standards (MCTP, PLDM, SPDM, Redfish, RDE) and IPMI/KCS: sensors, telemetry, inventory, logging, RAS
- Implement BMC‑to‑BIOS/host communications, eSPI/LPC, thermal/fan/power management (PMBus)
- Work the hardware/firmware boundary: I2C/I3C, SPI, PCIe, SMBus, device trees, U‑Boot, Linux
- Own the BMC security posture: secure and measured boot, root of trust, attestation (SPDM), authenticated update (PLDM FW Update), rollback protection, attack‑surface reduction
- Lead threat modeling and secure design reviews; run coordinated vulnerability disclosure with vendors and the upstream community
- Build verification tooling: static analysis, fuzzing, firmware extraction, CI gating
Technologies
OpenBMCYocto/OpenEmbeddedDMTF/OCP standardsMCTPPLDMSPDMRedfishRDEIPMI/KCSI2CI3CSPIPCIeSMBusDevice treesU‑BootLinuxC/C++Python
Descubre si tu currículum está listo para esta vacante
Mira cómo nuestra IA puede optimizar tu currículum y aumentar tus chances en este puesto.