You'll partner with Security, Platform, Core Experience, Protocols, and Compliance to ship secure-by-default capabilities that meet bank-grade and auditor expectations while preserving developer velocity and client experience. You will define and own the roadmap for security platform capabilities across cloud defense, secrets management, HSM-bound workflows, and secure-by-default developer tooling.

You'll translate regulatory, audit, and risk requirements into usable product surfaces and guardrails for internal teams and client-facing flows. You will also establish crisp product requirements, success metrics, and post-ship control evidence so Security, Risk, and Audit can verify effectiveness without slowing teams.

We have created the Factors of Growth & Impact to help Villagers better measure impact and articulate coaching, feedback, and the rich and rewarding learning that happens while exploring, developing, and mastering the capabilities and contributions within and outside of the Security Product Manager role:

Technical Skills:

• Work closely with the security engineering team on the detail prioritization of the security product roadmap, balancing new capability development with technical debt retirement to ensure long-term platform health.
• Demonstrate deep strategic thinking in shaping the roadmap, considering threat landscape, regulatory requirements, competitive positioning, and customer needs to drive long-term security product success.
• Deliver complex, cross-functional security projects with multiple dependencies (Security Engineering, Platform, Core Experience, Compliance), demonstrating strong product management skills and ability to drive swift execution while maintaining quality.
• Drive comprehensive go-to-market strategy for security capabilities, including defining success metrics, tracking KPIs, and iterating based on data-driven insights.

Complexity and Impact of Work:

• Contribute strategic insights that significantly impact company direction, control coverage, and the security roadmap.
• Demonstrate product leadership that elevates team performance and effectiveness across security and platform domains.

Organizational Knowledge:

• Develop deep understanding of Anchorage's business model, organizational structure, regulatory posture, and strategic priorities.
• Build and maintain strong relationships with stakeholders across Security, Engineering, Compliance, Risk, and Ops to ensure effective collaboration.
• Navigate and improve organizational processes to enhance efficiency, safety, and auditability across teams.
• Contribute to organizational strategy through security product expertise, control design insights, and market intelligence.
• Drive company objectives through strategic security product decisions and initiatives.

Communication and Influence:

• Effectively influence and motivate others through respectful engagement, aligning teams with broader organizational security and product goals.
• Enable cross-functional collaboration through clear, consistent communication and strategic influence on decision-making at every level of the organization.
• Communicate clearly with executives, auditors, and prospective customers on control intent, coverage, evidence, and roadmap tradeoffs.
• Act as a thoughtful knowledge partner to senior leadership, helping improve organizational security dynamics through empathetic understanding.

You may be a fit for this role if you have:

• 6+ years in product management with 3+ focused on platform or security products in regulated or high-assurance environments.
• Strong technical fluency in one or more: cryptographic primitives, authN/Z, HSMs and key management, secrets management, secure software delivery, runtime isolation, threat modeling.
• Proven record shipping platform controls that are both developer-friendly and audit-ready.
• Experience converting regulatory or control frameworks (e.g., SOC 2, FFIEC, OCC expectations, ISO 27001) into practical product requirements.
• Comfortable operating across deeply technical teams and non-technical stakeholders (Security, Compliance, Risk, Ops, Client Success).
• Excellent written and verbal communication skills, adept at conveying complex security concepts clearly to diverse audiences.
• Experience in driving and managing complex projects across multiple teams, demonstrating exceptional leadership and problem-solving skills.
• Your empathy and adaptability not only complement others' working styles but also embody our culture of curiosity, creativity, and shared understanding.
• You self describe as some combination of the following: creative, humble, ambitious, detail oriented, hard working, trustworthy, eager to learn, methodical, action oriented, and tenacious.

Although not a requirement, bonus points if:

• Experience in digital assets or financial infrastructure.
• Hands-on experience with hardware signing flows, policy engines, or secure enclave/HSM integrations.
• Built systems for straight-through-processing with pre-authorization risk decisions.
• Familiarity with incident response and detection engineering product needs.
• You have written your own smart contract or dApp.
• You have built 0 to 1 products for financial institutions either as a PM or a developer.

Additional Information About Anchorage Digital:

Who we are The Anchorage Village, what we call our team, brings together the brightest minds from platform security, financial services, and distributed ledger technology.

XML job scraping automation by YubHub

Key Responsibilities:

• Engineer Secure Foundations: You will lead the design and implementation of critical security services, with a heavy focus on building robust Identity and Access Management (IAM) systems and automated, API-driven certificate management workflows.
• Security-as-Code & Scalability: Leveraging a software-first philosophy, you will develop and maintain high-quality, scalable security tooling and middleware within ECS and Kubernetes environments, ensuring security logic is integrated directly into the deployment pipeline.
• Collaborative Code Ownership: You will serve as a technical authority in cross-functional code reviews, acting as an engineering peer who helps teams bake security into their services from the first line of code to the final pull request.
• Proactive System Hardening: You will stay ahead of the evolving threat landscape by treating security as a continuous engineering challenge,proactively identifying vulnerabilities and architecting technical solutions to fortify our global ecosystem.

Professional Requirements:

• Demonstrated ability to architect secure, distributed systems with a focus on programmatic IAM and automated, API-driven PKI management.
• Extensive experience with Infrastructure as Code (IaC) in Terraform and a deep commitment to writing clean, maintainable, and production-grade code,ideally in Golang.
• A test-first mentality toward security, with experience building unit and integration tests into CI/CD pipelines to ensure that security guardrails are as reliable as the features they protect.
• A strong conceptual grasp of cryptographic primitives and hands-on experience securing containerized workloads and service meshes within ECS and Kubernetes.
• A track record of taking end-to-end ownership of complex technical projects, from initial design docs and RFCs through to deployment and observability.
• A belief that if it isn't tested, it's broken, and a drive to proactively identify and fix vulnerabilities by treating security as a continuous engineering challenge.

Our Team Philosophy: The Security Engineering team is a diverse and dynamic group passionate about building secure and resilient systems. We're enthusiastic about security, but we're not about rigid, one-size-fits-all controls. We believe in striking a balance between protecting our systems and empowering our developers to build and innovate.

XML job scraping automation by YubHub

Anthropic's mission is to create reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our users and for society as a whole. Our team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems.

About the Team

The Security Engineering team protects Anthropic's AI systems and maintains the trust of our users and society. We define the authentication architecture for our training infrastructure, design the cryptographic foundations that protect model weights and training data, and drive the developer security program that shapes how engineers build and ship software.

About the role:

• Scope, design, and build complex security systems end to end, maintaining them through production and driving through ambiguous technical challenges with minimal oversight
• Identify systematic risks through threat modeling and risk assessment, then build the controls and infrastructure that address them
• Mentor engineers across the security team and broader engineering organisation, contribute to hiring, and grow security engineering culture at Anthropic
• Enable other teams to build their own security solutions by providing design pattern guidance and expanding security ownership beyond the security team

Developer security and supply chain

• Build and advance our developer security program by embedding security practices into the software development lifecycle and developer workflows
• Harden CI/CD pipelines against supply chain attacks through isolated build environments, signed attestations, dependency verification, and automated policy enforcement

Identity and secrets management

• Architect systems that protect sensitive assets including model weights, customer data, and training datasets
• Build and operate credential issuance, rotation, and workload authentication across our multi-cloud environments

Infrastructure security

• Implement and maintain cloud security controls including IAM, network segmentation, VPC architecture, and encryption across our multi-cloud and on-prem environments
• Contribute to cluster security controls including RBAC policies, namespace isolation, workload identity, and pod security
• Contribute to continuous cloud security posture management using infrastructure-as-code scanning, misconfiguration detection, and automated remediation

Secure frameworks

• Build critical security foundations including cryptographic frameworks, mTLS infrastructure, secure serialization, and authorization systems, designed to prevent entire classes of vulnerabilities and empower engineering teams to work securely without becoming security experts themselves
• Partner with product, research, infrastructure, and other security teams to ensure frameworks integrate smoothly with lower-layer security controls

You may be a good fit if you have:

• At least 8 years of software engineering experience with deep security expertise, including leading complex security initiatives independently
• Bachelor's degree in Computer Science or equivalent industry experience
• Strong programming skills in Python or at least one systems language such as Go, Rust, or C/C++
• Deep understanding of identity systems, cryptographic primitives, and secrets management
• Working knowledge of Kubernetes security primitives including RBAC, namespaces, network policies, and service accounts
• Experience leading cross-functional security initiatives and navigating complex organisational dynamics
• Outstanding communication skills, translating technical concepts effectively across all levels of the organisation
• A track record of bringing clarity and ownership to ambiguous technical problems and driving them to resolution
• Low ego and high empathy, with a history of growing the engineers around you and supporting diverse, inclusive teams
• Passion for AI safety and the role security engineering plays in building trustworthy AI systems

Strong candidates may also have:

• Designed or operated identity and secrets management systems for large-scale AI or cloud infrastructure
• Built security frameworks or libraries adopted across an engineering organisation
• Led a developer security program including supply chain security, secure build infrastructure, and SDLC integrations
• Built or secured CI infrastructure using Nix, Bazel, or Kubernetes-based deploy systems, with depth in toolchain issues, CI/CD pipelines, and developer workflow optimisation
• Implemented machine identity or workload authentication systems using SPIFFE/SPIRE, mTLS, or equivalent
• Understanding of Linux systems internals including namespaces, cgroups, and seccomp, and how these underpin container and workload isolation
• Contributed to the security architecture of multi-cloud environments including network segmentation, data protection, and access governance
• Experience with network security controls including admission controllers, CNI-level policy, service mesh security, and east-west traffic enforcement
• Experience building runtime security monitoring using eBPF or kernel security policies

Deadline to apply:

None, applications will be received on a rolling basis.

The annual compensation range for this role is listed below.

For sales roles, the range provided is the role’s On Target Earnings ("OTE") range, meaning the total amount of money an employee is expected to earn in a year, including bonuses and other forms of compensation.

XML job scraping automation by YubHub