- Lead "shift left" security efforts to build security into the software development lifecycle.
- Conduct secure design reviews and threat modeling. Identify and prioritize risks, attack surfaces, and vulnerabilities.
- Perform security code reviews of source code changes and advise developers on remediating vulnerabilities and following secure coding practices.
- Manage Anthropic's vulnerability management program. Triage and prioritize vulnerabilities from scans, audits, and bug bounty submissions. Track remediation and validate fixes.
- Oversee Anthropic's bug bounty program. Set scope, triage submissions, coordinate disclosure with engineering teams, and reward bounties. Cultivate relationships with the ethical hacker community.
- Research and recommend security tools and technologies to strengthen defenses against emerging threats targeting machine learning systems.
- Develop and document security policies, standards, and playbooks. Conduct security awareness training for engineers.
- Collaborate closely with product engineers and researchers to instill security best practices. Advocate for secure architecture, design, and development.
- Have 5+ years of hands-on experience in application and infrastructure security, including securing cloud-based and containerized environments.
- Have empathy, collaboration skills, and a learning mindset to work cross-functionally with engineers of all levels to build security into the product life cycle.
- Can use creative and strategic thinking to reduce risk through secure design and simplicity, not just controls.
- Possess broad security knowledge to connect the dots across domains and identify holistic ways to lower the overall threat surface.
- Have the ability to distill complex security concepts into clear actions and drive consensus without direct authority.
- Have a proactive mindset to thread security throughout the product lifecycle through activities like threat modeling, secure code review, and education.
- Have strong grasp of offensive security to anticipate risks from an adversary's perspective, not just check compliance boxes.
- Have experience with modern application stacks, infrastructure, and security tools to implement pragmatic defenses.
- Are passionate for security fundamentals like least privilege, defense-in-depth, and eliminating complexity that could sub-linearly scale security through smart design.
- Have hands-on technical expertise securing complex cloud environments and microservices architectures leveraging technologies like Kubernetes, Docker, and AWS / GCP.
- Have experience with offensive security techniques like vulnerability testing, pen testing, and red team exercises.
- Have familiarity with AI/ML security risks such as data poisoning, model extraction, adversarial examples, etc. and mitigations.
- Have experience building security tools, scripts, and automations.
- Have a solid foundational knowledge of security engineering principles and technologies. Keen to continue learning.
- Possess excellent communication skills, able to distill complex security topics for broad audiences.
- Have a passion for security and protecting users. Willingness to constructively challenge assumptions to drive security.
- 100% of the skills needed to perform the job
- Formal certifications or education credentials
- The expected salary range for this position is $300-$405k
-
Web Application Security Engineer
1 week ago
Deutsche Telekom AG New York, United StatesAufgabe · Als Web Application Security Engineer (w/m/d) unterstützt Du unser Betriebsteam bei folgenden Aufgaben: · Konzeption, Implementierung und Betrieb der WAF- (Web Application Firewall), Reverse-Proxy- und Loadbalancing-Systeme · Unterstützung bei Netzwerk- und Security-Th ...
-
Junior Security Engineer
3 weeks ago
HDI Service AG New York, United StatesIhre Aufgaben: · Betrieb und Weiterentwicklung der technischen Cyber Security Lösungen (z.B. EDR, NDR, SIEM, Vulnerability-Scanning) · Administration von Security Agenten auf Endsystemen · Unterstützung bei der Planung, Installation, Konfiguration und Migration von innovativen ...
-
Senior Security Engineer
3 weeks ago
HDI Service AG New York, United StatesIhre Aufgaben: · Verantwortung für den Betrieb und die Architektur der Splunk Infrastruktur · Weiterentwicklung der Splunk Plattform · Technische Beratung und Umsetzung von (Security) Use Cases · Ausbau der Interkonnektivität der Splunk Plattform · Integration, regelmäßige Ü ...
-
Security Engineer
4 weeks ago
Alchemy New York, United Statesis to bring blockchain to a billion people. The Alchemy Platform is a world class developer platform designed to make building on the blockchain easy. We've built leading infrastructure in the space, powering over $105 billion in transactions for tens of millions of users in 99% ...
-
Security Engineer
3 days ago
Alchemy New York, United Statesis to bring blockchain to a billion people. The Alchemy Platform is a world class developer platform designed to make building on the blockchain easy. We've built leading infrastructure in the space, powering over $105 billion in transactions for tens of millions of users in 99% ...
-
Security Engineer
10 hours ago
TSR Consulting New York, United StatesAbout TSR: · TSR is a relationship-based, customer-focused IT and technical services staffing company. · For over 40 years TSR, Inc. and its wholly owned subsidiary, TSR Consulting Services, have prospered in the Information Technology staffing business, earning the respect of co ...
-
Security Engineer
1 week ago
MedReview Inc. New York, United StatesWorkingConditions: Full-time (M-F), Office Business Settings. This is an On-Premises position. Monday through Thursday (9-5) and remote on Fridays only . · PositionSummary –The Security Engineer is responsible for securing – maintaining and monitoring MedReview's enterprise infra ...
-
Security Engineer
1 week ago
Green Key Resources New York, United StatesDepartment: Infrastructure Services · StaffTitle: Security Engineer · Reportsto: Director of IT · FLSAStatus: Exempt · WorkingConditions: Full-time (M-F), Office Business Settings. This is an On-Premises position. Monday through Thursday (9-5) and remote on Fridays only (No excep ...
-
IT Security Engineer
2 weeks ago
NYC Health Hospitals New York, United StatesMetroPlus Health provides the highest quality healthcare services to residents of Bronx, Brooklyn, Manhattan, Queens and Staten Island through a comprehensive list of products, including, but not limited to, New York State Medicaid Managed Care, Medicare, Child Health Plus, Excha ...
-
Security Engineer
10 hours ago
Celonis GmbH New York, United StatesWe're Celonis, the global leader in Process Mining technology and one of the world's fastest-growing SaaS firms. We believe there is a massive opportunity to unlock productivity by placing data and intelligence at the core of business processes - and for that, we need you to join ...
-
Security Engineer
3 weeks ago
Datadog New York, United StatesWe are looking for a Security Engineer for the Software Integrity and Trust team to build systems that protect Datadog against various forms of supply-chain attacks. · You'll join at an ideal time to make a big impact: supply-chain attacks continue to be one of the fastest growin ...
-
Security Engineer
2 weeks ago
Wallero New York, United StatesTitle: Security Engineer · Position: Contract · PRIMARY LOCATION: New York · Note: Only who are willing work on our W2 · Description: · Highly motivated self-starter with excellent interpersonal and problem-solving skills · Bachelor s degree or equivalent work experience · Good o ...
-
IT Security Engineer
10 hours ago
CyberTec New York, United StatesIT Security Engineer, 10 + Years · Work Location: ONSITE, Graybar Building, NYC · Desired Start Date: 3/18/2024 · Duration: 12 Months · Work hours: 40.00 · Business Organization:METROPOLITAN TRANSPORTATION AUTHORITY · Pay Rate $65 · Responsibilities include the following: ...
-
Security Engineer
2 weeks ago
TSR Consulting New York, United StatesAbout TSR: · Make your application after reading the following skill and qualification requirements for this position. · TSR is a relationship-based, customer-focused IT and technical services staffing company. · For over 40 years TSR, Inc. and its wholly owned subsidiary, TSR ...
-
IT Security Engineer
20 hours ago
E.L.F. Beauty, Inc. New York, United StatesAbout the Company · e.l.f. Beauty, Inc. stands with every eye, lip, face and paw. Our deep commitment to clean, cruelty free beauty at an incredible value has fueled the success of our flagship brand e.l.f. Cosmetics since 2004 and driven our portfolio expansion. Today, our mult ...
-
Security Engineer
10 hours ago
Figma New York, United StatesFigma is growing our team of passionate people on a mission to make design accessible to all. Born on the Web, Figma helps entire product teams brainstorm, design and build better products - from start to finish. Whether it's consolidating tools, simplifying workflows, or collabo ...
-
Security Engineer
20 hours ago
Alchemy New York, United StatesOur mission is to bring blockchain to a billion people. The Alchemy Platform is a world class developer platform designed to make building on the blockchain easy. We've built leading infrastructure in the space, powering over $105 billion in transactions for tens of millions of u ...
-
Security Engineer
3 weeks ago
MicroData Systems, Inc. New York, United StatesJob Description · Job DescriptionSecurity Engineer · Your Career · As a Security Engineer you will be responsible for assisting with the log migration and detection strategy of our customers. You will work closely with the technical lead to ensure that all the relevant log sourc ...
-
Security Engineer 2
2 weeks ago
Datadog New York, United StatesSecurity Engineer 2 - Adversary Simulation Operations · New York, New York, USA · We're looking for engineers with a background in offensive security in the areas of Kubernetes and container security, network penetration testing, application security and cloud infrastructure. Ex ...
-
Network Security Engineer
2 weeks ago
CornerStone Consulting Group, Inc. in Pittsburgh, PA New York, United StatesWe are looking for candidates that have 5+ years of network security engineering experience to join our client's team as a full-time employee. Will be responsible for providing support for the enterprise network security design and monitoring activities. Should have extensive exp ...
Application Security Engineer - New York, United States - Anthropic
Description
Anthropic is working on frontier AI research that has the potential to transform how humans and machines interact. As we rapidly advance foundational LLMs, application security is paramount. In this role, you will apply security patterns built for high-risk environments to safeguard model weights as we scale new capabilities. Working closely with software engineers, you will institute controls around access, infrastructure, and data to proactively minimize risks from bad actors. This is an opportunity to join a team of experts building AI for social good, while advancing the frontier of safe and ethical AI development.About Anthropic Anthropic is an AI safety and research company that's working to build reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our customers and for society as a whole. Our interdisciplinary team has experience across ML, physics, policy, business and product.
Responsibilities:
You may be a good fit if you:
Strong candidates may also:
Candidates need not have:
Annual Salary (USD)
Deadline to apply: None. Applications will be reviewed on a rolling basis.
US visa sponsorship: We do sponsor visas However, we aren't able to successfully sponsor visas for every role and every candidate; operations roles are especially difficult to support. But if we make you an offer, we will make every effort to get you into the United States, and we retain an immigration lawyer to help with this.
We encourage you to apply even if you do not believe you meet every single qualification. Not all strong candidates will meet every single qualification as listed. Research shows that people who identify as being from underrepresented groups are more prone to experiencing imposter syndrome and doubting the strength of their candidacy, so we urge you not to exclude yourself prematurely and to submit an application if you're interested in this work. We think AI systems like the ones we're building have enormous social and ethical implications. We think this makes representation even more important, and we strive to include a range of diverse perspectives on our team.
Compensation and Benefits* Anthropic's compensation package consists of three elements: salary, equity, and benefits. We are committed to pay fairness and aim for these three elements collectively to be highly competitive with market rates.
Equity - On top of this position's salary (listed above), equity will be a major component of the total compensation. We aim to offer higher-than-average equity compensation for a company of our size, and communicate equity amounts at the time of offer issuance.
US Benefits - The following benefits are for our US-based employees: - Optional equity donation matching at a 3:1 ratio, up to 50% of your equity grant. - Comprehensive health, dental, and vision insurance for you and all your dependents k) plan with 4% matching. - 22 weeks of paid parental leave. - Unlimited PTO – most staff take between 4-6 weeks each year, sometimes more - Stipends for education, home office improvements, commuting, and wellness. - Fertility benefits via Carrot. - Daily lunches and snacks in our office. - Relocation support for those moving to the Bay Area.
UK Benefits - The following benefits are for our UK-based employees: - Optional equity donation matching at a 3:1 ratio, up to 50% of your equity grant. - Private health, dental, and vision insurance for you and your dependents. - Pension contribution (matching 4% of your salary weeks of paid parental leave. - Unlimited PTO – most staff take between 4-6 weeks each year, sometimes more - Health cash plan. - Life insurance and income protection. - Daily lunches and snacks in our office.
* This compensation and benefits information is based on Anthropic's good faith estimate for this position as of the date of publication and may be modified in the future. Employees based outside of the UK or US will receive a different benefits package. The level of pay within the range will depend on a variety of job-related factors, including where you place on our internal performance ladders, which is based on factors including past work experience, relevant education, and performance on our interviews or in a work trial.
How we're different We believe that the highest-impact AI research will be big science. At Anthropic we work as a single cohesive team on just a few large-scale research efforts. And we value impact — advancing our long-term goals of steerable, trustworthy AI — rather than work on smaller and more specific puzzles. We view AI research as an empirical science, which has as much in common with physics and biology as with traditional efforts in computer science. We're an extremely collaborative group, and we host frequent research discussions to ensure that we are pursuing the highest-impact work at any given time. As such, we greatly value communication skills. We do not have boundaries between engineering and research, and we expect all of our technical staff to contribute to both as needed.
The easiest way to understand our research directions is to read our recent research. This research continues many of the directions our team worked on prior to Anthropic, including: GPT-3, Circuit-Based Interpretability, Multimodal Neurons, Scaling Laws, AI & Compute, Concrete Problems in AI Safety, and Learning from Human Preferences.
Come work with us Anthropic is a public benefit corporation based in San Francisco. We offer competitive compensation and benefits, optional equity donation matching, generous vacation and parental leave, flexible working hours, and a lovely office space in which to collaborate with colleagues.