Staff+ Security Engineer, Risk Engineering at Anthropic

On-site - San Francisco, CA; New York City, NY; Seattle, WA

Apply
More jobs at Anthropic

Anthropic’s Security Risk team is seeking a Staff+ Security Engineer to lead the development of AI-native risk engineering solutions. The role involves owning complex security risk problems, building systems to quantify and automate risk assessment, collaborating with Security Engineering, mentoring the team, and driving remediation roadmaps. The engineer will work across the organization’s security landscape, design risk tooling that leverages Claude for risk classification, and contribute to quantitative risk analysis using methods such as Monte Carlo simulation.

Requirements

Skills

  • At least 8 years of software engineering or security engineering experience, including leading and remediating complex security risks independently
  • Bachelor’s degree in a related field or equivalent experience
  • Strong programming skills in Python or at least one systems language such as Go, Rust, or C/C++
  • Broad knowledge across the core security engineering domains, with depth in at least one, including identity and secrets management, developer security and supply chain, infrastructure and cloud security, and secure frameworks
  • Calibrated risk judgment, meaning you can put a defensible severity and likelihood on an ambiguous problem and change your position when the evidence changes
  • Experience leading cross-functional security initiatives and navigating complex organizational dynamics
  • Outstanding communication skills, translating technical concepts effectively across all levels of the organization
  • A track record of bringing clarity and ownership to ambiguous technical problems and driving them to resolution
  • Low ego and high empathy, with a history of growing the engineers around you and supporting diverse, inclusive teams
  • Passion for AI safety and the role security and risk management play in building trustworthy AI systems

Responsibilities

  • Take ownership of Anthropic’s most complex security risk problems and drive them end to end with minimal oversight, turning ambiguous signals into a defensible view of severity and likelihood and seeing them through escalation, treatment decisions, and remediation
  • Build the systems that make risk measurable and let risk work scale, including quantification tooling, automated intake and triage, and the observability that partner teams use to understand their own risk posture
  • Work alongside Security Engineering as a calibrated technical peer who pressure tests architectures and treatment plans, translates findings into prioritized remediation roadmaps, and makes the investment case for what to fix now, what to accept and track, and what to defer
  • Mentor engineers and risk practitioners across Security and the broader engineering organization, and help build a risk engineering culture in which teams own their risks and our team provides the visibility and judgment that supports the organization
  • Work across the breadth of Anthropic’s security landscape, spanning areas like identity and secrets management, developer security and supply chain, infrastructure security, and secure frameworks, and build the context needed to reason about risk credibly in each
  • Go deep where a risk demands it, understanding how these systems are built and how they fail so that assessments and treatment plans reflect engineering reality rather than abstraction
  • Identify systematic risks through threat modeling and structured assessment, then drive the severity calibration and escalation conversations that follow, bringing leadership a defensible position and a clear recommendation that holds up under pointed questions
  • Contribute to the team’s quantitative risk work, applying methods such as calibrated estimation and Monte Carlo simulation where they meaningfully change a resource or treatment decision
  • Design and build AI-native risk tooling that uses Claude to classify incoming risks, augment triage, and continuously sense changes in our risk landscape as teams ship
  • Create dashboards and data pipelines that give engineering and product teams real-time visibility into their risk posture and make distributed ownership of risk practical
  • Partner with Security Engineering and risk owners to design remediation roadmaps that are explicit about sequencing, ownership, and the investment required
  • Measure outcomes rather than activity, focusing on decisions made and risk reduced

Technologies

PythonGoRustC/C++Claude

See if your resume is ready for this job

See how our AI can optimize your resume and improve your chances for this role.