Anthropic is seeking a Staff+ Software Security Engineer to lead the design, implementation, and maintenance of advanced security systems across our AI infrastructure. The role involves building end‑to‑end security solutions, performing threat modeling, mentoring engineering teams, and expanding security ownership throughout the organization. The successful candidate will have deep experience in identity and secrets management, cryptographic primitives, Kubernetes security, and CI/CD pipeline hardening, while contributing to our mission of building safe and trustworthy AI systems.
Staff+ Software Security Engineer en Anthropic
Presencial - San Francisco, CA
Más vacantes en AnthropicSalary
USD 405,000 - 485,000
Requirements
Skills
- At least 8 years of software engineering experience with deep security expertise, including leading complex security initiatives independently
- Bachelor's degree in Computer Science or equivalent industry experience
- Strong programming skills in Python or at least one systems language such as Go, Rust, or C/C++
- Deep understanding of identity systems, cryptographic primitives, and secrets management
- Working knowledge of Kubernetes security primitives including RBAC, namespaces, network policies, and service accounts
- Experience leading cross-functional security initiatives and navigating complex organizational dynamics
- Outstanding communication skills, translating technical concepts effectively across all levels of the organization
- A track record of bringing clarity and ownership to ambiguous technical problems and driving them to resolution
- Low ego and high empathy, with a history of growing the engineers around you and supporting diverse, inclusive teams
- Passion for AI safety and the role security engineering plays in building trustworthy AI systems
- Designed or operated identity and secrets management systems for large-scale AI or cloud infrastructure
- Built security frameworks or libraries adopted across an engineering organization
- Led a developer security program including supply chain security, secure build infrastructure, and SDLC integrations
- Built or secured CI infrastructure using Nix, Bazel, or Kubernetes-based deploy systems, with depth in toolchain issues, CI/CD pipelines, and developer workflow optimization
- Implemented machine identity or workload authentication systems using SPIFFE/SPIRE, mTLS, or equivalent
- Understanding of Linux systems internals including namespaces, cgroups, and seccomp, and how these underpin container and workload isolation
- Contributed to the security architecture of multi-cloud environments including network segmentation, data protection, and access governance
- Experience with network security controls including admission controllers, CNI-level policy, service mesh security, and east-west traffic enforcement
- Experience building runtime security monitoring using eBPF or kernel security policies
Responsibilities
- Scope, design, and build complex security systems end to end, maintaining them through production and driving through ambiguous technical challenges with minimal oversight
- Identify systematic risks through threat modeling and risk assessment, then build the controls and infrastructure that address them
- Mentor engineers across the security team and broader engineering organization, contribute to hiring, and grow security engineering culture at Anthropic
- Enable other teams to build their own security solutions by providing design pattern guidance and expanding security ownership beyond the security team
- Build and advance our developer security program by embedding security practices into the software development lifecycle and developer workflows
- Harden CI/CD pipelines against supply chain attacks through isolated build environments, signed attestations, dependency verification, and automated policy enforcement
- Architect systems that protect sensitive assets including model weights, customer data, and training datasets
- Build and operate credential issuance, rotation, and workload authentication across our multi-cloud environments
- Implement and maintain cloud security controls including IAM, network segmentation, VPC architecture, and encryption across our multi-cloud and on-prem environments
- Contribute to cluster security controls including RBAC policies, namespace isolation, workload identity, and pod security
- Contribute to continuous cloud security posture management using infrastructure-as-code scanning, misconfiguration detection, and automated remediation
- Build critical security foundations including cryptographic frameworks, mTLS infrastructure, secure serialization, and authorization systems
- Partner with product, research, infrastructure, and other security teams to ensure frameworks integrate smoothly with lower-layer security controls
Technologies
PythonGoRustC/C++KubernetesIAMNetwork segmentationVPCmTLSSPIFFESPIRENixBazelKubernetes-based deploy systemseBPFLinux systems internals (namespaces, cgroups, seccomp)Service meshCNI-level policyAdmission controllersContainer security
Descubre si tu currículum está listo para esta vacante
Mira cómo nuestra IA puede optimizar tu currículum y aumentar tus chances en este puesto.