The Insider Risk Team works cross-functionally to deter, identify, investigate and mitigate risks to Anthropic's most critical assets,our people, our data, and our infrastructure.

Responsibilities:

• Triage custom technical detection alerts
• Independently conduct end-to-end insider risk investigations while working closely with IT, Detection and Response, Legal, HR and other cross-functional teams
• Monitor and triage external threats targeting employees
• Conduct sensitive interviews of employees or other involved parties
• Perform technical analysis of logs from SIEM, DLP, UEBA systems
• Leverage AI tools (Claude, Claude Code) to accelerate investigation workflows and data analysis
• Build and maintain investigation documentation
• Assist in iterating and improving on processes, procedures and systems to detect, mitigate and investigate insider risks
• Work cross-functionally to develop, refine and operationalize insider risk indicators, scenarios and mitigation strategies
• Provide rapid-turnaround security assessments to support business operations
• Support education and awareness programs to promote a robust security culture
• Serve as the subject matter expert for insider risk and provide training to team members as needed

You may be a good fit if you have:

• Bachelor's degree and/or higher education in a related field
• 5-8 years of experience in insider risk, corporate investigations or a related domain
• 3-5 years experience in conducting investigative interviews
• Experience conducting OSINT for threat assessment, or counterintelligence
• Experience leveraging DLP, UEBA, SIEM, SOAR and other insider risk security tooling for detections and investigations
• Broad understanding of internal and external investigations, cybersecurity, interview techniques, risk assessment and managing strong cross-functional relationships
• Ability to communicate complex security findings clearly and concisely to non-technical stakeholders (written and verbal)
• Track record of rapid response to time-sensitive security requests
• Comfort operating across organizational boundaries (Security, People, Legal, IT)
• Exceptional communication, collaboration skills and the ability to lead projects with little guidance
• Demonstrated ability to operate independently with minimal oversight while managing sensitive cases

Strong candidates may also have:

• Experience working in the technology industry or at/with AI/ML companies
• Experience with counterintelligence investigations and nation-state threat actor TTPs
• Background in open-source intelligence collection and analysis
• Track record of AI/LLM adoption for productivity gains in investigative work
• Experience contributing to a high growth startup environment
• Specialized knowledge of risks unique to the AI sector
• Experience with data exfiltration investigations across multiple vectors (email, cloud, removable media)
• Experience working in government, defense, or high-security environments

What makes you successful here:

• Entrepreneurial mindset: You see gaps and fill them without being asked
• Technical + human balance: Equal comfort analyzing log data and conducting sensitive interviews
• AI-native approach: You leverage LLMs to work smarter, not just harder
• Mission alignment: You understand AI safety stakes and insider risk's role in protecting that mission
• Judgment under uncertainty: You make sound decisions with incomplete information
• Clear communicator: You distill complex findings into actionable insights for diverse audiences
• Cross-functional navigator: You build relationships and collaborate effectively across teams

Annual compensation range for this role is $245,000-$305,000 USD.

XML job scraping automation by YubHub

You will set the technical direction, write code and ship tooling alongside your team, and build the culture and processes that allow the team to scale.

Corporate Security at Anthropic encompasses everything that protects our people, endpoints, networks, SaaS ecosystem, and corporate data,the full surface area outside of production infrastructure.

The scope is broad and the team is deliberately small, which means you'll need deep technical skills across multiple domains, strong judgment about where to invest, and a bias toward automation and engineering-driven solutions over manual process.

You'll report into Security leadership and partner closely with IT, Infrastructure Security, Detection & Response, and GRC teams.

This role is high-visibility and high-autonomy: you'll be expected to define the roadmap, make architectural decisions, and represent Corporate Security across the company.

Responsibilities:

Technical Leadership & Hands-on Engineering

• Own the security architecture, tooling, and controls for Anthropic's corporate environment end-to-end, including endpoint fleets (macOS, Windows, ChromeOS), campus and office networks, SaaS applications, mobile devices

• Design, build, and ship security automation, integrations, and internal tooling,including leveraging Claude and LLMs to accelerate security workflows

• Define and enforce security baselines, hardening standards, and configuration policies across all corporate platforms

• Define what it means to operate safely in an environment where AI agents act more like humans than actual humans

• Evaluate, select, deploy, and operate corporate security tools (EDR/XDR, MDM, ZTNA, CASB/SSPM, email security, DLP, browser security, etc.)

• Drive vulnerability management for corporate assets, including patch orchestration, risk-based prioritization, and exception management

• Lead security reviews of new SaaS adoptions, corporate infrastructure changes, and IT projects

People Leadership & Team Building

• Manage, mentor, and grow a purposefully lean team of Security Engineers; set clear expectations, run effective 1:1s, and create an environment where engineers do the best work of their careers

• Hire and build the team as scope expands,own the hiring bar and pipeline for Corporate Security Engineering roles

• Balance your own IC contributions with the team’s needs; know when to go deep on a problem yourself and when to delegate and coach

• Foster a culture of operational excellence, blameless incident review, and continuous improvement

Strategy & Cross-Functional Partnership

• Define and own the Corporate Security roadmap, aligning investments to Anthropic’s risk profile and growth trajectory

• Partner with IT Operations to ensure security is embedded in endpoint provisioning, network design, and SaaS lifecycle management

• Collaborate with Detection & Response on telemetry coverage, detection engineering, and incident handling for corporate-sourced events

• Partner with Infrastructure and Security Engineering teams to ensure security standards are consistent across all of Anthropic

• Communicate security posture, risks, and investment needs to Security leadership and cross-functional stakeholders clearly and persuasively

Requirements

• 8+ years of Security Engineering experience in a corporate/enterprise security domain (endpoint security, network security, SaaS security, identity, or a combination)

• 2+ years of experience managing or tech-leading a team of engineers, with a demonstrated track record of developing talent and shipping results through others

• Are a strong engineer who still writes code regularly,you can prototype a tool, write a detection, build an integration, or debug a complex configuration issue

• Have deep experience with macOS fleet security (this is our primary platform) and solid working knowledge of Windows and ChromeOS security

• Have hands-on experience deploying and operating EDR/XDR, MDM, ZTNA/zero trust, and identity security solutions at scale

• Understand modern SaaS security challenges: shadow IT, OAuth token sprawl, data exfiltration paths, SaaS-to-SaaS integrations, and SSPM/CASB tooling

• Can work independently with high autonomy, manage ambiguity, and make sound risk-based prioritization decisions in a fast-paced environment

• Have excellent communication skills and can translate complex security topics into clear recommendations for technical and non-technical audiences

Strong Candidates May Have

• Securing corporate environments at high-growth AI, cloud, or developer-tools companies

• Maturing a Corporate Security function from early stage, including defining scope, selecting the initial toolset, and hiring the founding team

• Advanced macOS security (system extensions, endpoint security framework, MDM profile engineering, Declarative Device Management)

• Network security architecture for hybrid/multi-office environments, including SD-WAN, ZTNA, DNS security, and network segmentation

• Browser security and isolation technologies (e.g., Island, Talon/Palo Alto, Chrome Enterprise)

• Proficiency in Python, Go, or similar languages for building security tooling and automation

• Experience leveraging LLMs/AI to augment security operations, build investigative tooling, or automate policy enforcement

• Familiarity with IaC (Terraform), CI/CD pipelines, and DevSecOps practices as they apply to corporate infrastructure management

• Mobile security for iOS/Android in a BYOD and corporate-managed device environment

• Data Loss Prevention (DLP) program design and implementation across endpoints, email, SaaS, and cloud storage

Logistics

• Minimum education: Bachelor’s degree or an equivalent combination of education, training, and/or experience

• Required field of study: A field relevant to the role as demonstrated through coursework, training, or professional experience

• Minimum years of experience: Years of experience required will correlate with the internal job level requirements for the position

• Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices.

• Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this.

XML job scraping automation by YubHub

Your expertise will be crucial in building proactive security strategies that align with our business goals and protect the company from an ever-evolving threat landscape. This position demands deep expertise in security principles and a comprehensive understanding of the entire infrastructure stack and IAM systems to design robust, future-ready security solutions.

You will be instrumental in safeguarding our systems' resilience and integrity against ever-evolving cyber threats. You will play a critical role in shaping our security strategy for modern platforms across AWS, Azure, GCP, network infrastructure, storage, and SaaS solutions, help establish a strong least privilege (PoLP) model, providing specialized IAM expertise, and securely supporting SaaS with sensitive information (NHI).

You will also be a key contributor in building our internal strategy for secure AI development. Additionally, you will support the secure integration of SaaS platforms such as Google Workspace, collaboration tools, and GTM systems, maintaining alignment with enterprise security standards.

Close collaboration with cross-functional teams is essential to embed security throughout the technology stack.

The impact you will have:

• Design and implement secure, scalable reference architectures for the Databricks IT across Cloud Infra (Compute, DBs, Network, Storage), SaaS, Custom Built Applications, Data & AI systems.
• Establish and enforce security controls for: Core Security Areas: - Databricks Workspace Management: Workspace isolation, Unity Catalog for data governance.
• Secure Networking: VPC configs, PrivateLink, IP Allow Lists.
• Identity and Access Management (IAM): SSO, SCIM user provisioning, RBAC via Un, Strong MFA best practices for enterprise identities and customers.
• Data Encryption: At rest and in transit, customer-managed keys for critical assets.
• Data Exfiltration Prevention: Admin console settings, VPC endpoint controls.
• Cluster Security: User isolation, compliance with enhanced security monitoring/Compliance Security Profiles (HIPAA, PCI-DSS, FedRAMP).
• Offensive Security: Test and challenge the effectiveness of the organization’s security defenses by mimicking the tactics, techniques, and procedures used by actual attackers.
• Specialized Security Functions: - Non-human Identity Management: Design and implement secure authentication and authorization for automated systems (service accounts, API keys, machine identities), focusing on automation and integration with existing identity management systems.
• IAM Best Practices: Develop and document comprehensive Identity and Access Management policies, including user provisioning, de-provisioning, access reviews, privileged access management, and multi-factor authentication, ensuring security and compliance.
• Data Loss Prevention (DLP): Implement DLP solutions to identify, monitor, and protect sensitive data across endpoints, networks, and cloud environments, preventing unauthorized access, use, or transmission.
• SaaS Proxy Design and Implementation: Design and implement cloud-based proxies for SaaS applications (SASE solutions) to provide secure access, enforce security policies, monitor user activity, and protect against threats.
• Cloud Infrastructure Best Practices: Establish and document best practices for VPC configurations, cloud networking, and infrastructure as code using Terraform, ensuring secure network segmentation, routing, firewalls, and VPNs for consistent, automated, and secure deployments.
• Least Privilege Access for Data Security: Design and implement data security controls based on the principle of least privilege, ensuring users and systems have only the minimum necessary access through fine-grained controls, data classification, and regular access reviews.
• Guide internal IT on Databricks’ security and compliance certifications (SOC 2, ISO 27001/27017/27018, HIPAA, PCI-DSS, FedRAMP), and support security reviews/audits.
• Support incident response, vulnerability management, threat modeling, and red teaming using audit logs, cluster policies, and enhanced monitoring.
• Stay current on industry trends and emerging threats in GenAI, AI Agentic flow, MCPs to enhance security posture.
• Advise executive leadership on security architecture, risks, and mitigation.
• Mentor security engineers and developers on secure design and best practices.

What we look for:

• Bachelor’s degree in Computer Science, Information Security, Engineering, or a related field
• Master’s degree in Computer Science specifically in Information Security or a related discipline is strongly preferred
• Minimum 12 years in cybersecurity, with 5+ in security architecture or senior technical roles.
• Experience in FedRAMP High systems/ GovCloud preferred.
• Must have direct experience designing and securing enterprise platforms in complex multi-cloud environments, deep knowledge of enterprise architecture and security features (control plane/data plane separation, network infra, workspace hardening, network segmentation/ isolation), and hands-on experience automating security controls with Terraform and scripting.
• Proven expertise securing data analytics pipelines, SaaS integrations, and workload isolation in enterprise ecosystems.
• Experience with Enterprise Security Analysis Tools and monitoring/security policy optimization.
• Deep experience in threat modeling, design, PoC, and implementing large-scale enterprise solutions.
• Extensive hands-on experience in AWS cloud security, network security, with knowledge of Zero Trust, Data Protection, and Appsec.
• Strong understanding of enterprise IAM systems (Okta, SailPoint, VDI, Entra ID) and Data Protection.
• Expert experience with SIEM platforms, XDR, and cloud-native threat detection tools.
• Expert in web application security, OWASP, API security, and secure design and testing.
• Hands-on experience with security automation is required, with proficiency in AI-assisted development, Python, Cursor, Lambda, Terraform, or comparable scripting/IaC tools for operational efficiency.
• Industry certifications like CISSP, CCSP, CEH, AWS Certified Security – Specialty, AWS Certified Solutions Architect – Professional, or AWS Certified Advanced Networking – Specialty (or equivalent) are preferred.
• Ability to influence stakeholders and drive alignment.
• Strategic thinker with a passion for security innovation, continuous improvement, and building scalable defenses.

Pay Range Transparency

Databricks is committed to fair and equitable compensation practices. The pay range(s) for this role is listed below and represents the expected salary range for non-commissionable roles or on-target earnings for commissionable roles. Actual compensation packages are based on several factors that are unique to each candidate, including but not limited to job-related skills, depth of experience, relevant certifications and training, and specific work location. Based on the factors above, Databricks anticipates utilizing the full width of the range. The total compensation package for this position may also include eligibility for annual performance bonus, equity, and the benefits listed above.

XML job scraping automation by YubHub

The Insider Risk Team works cross-functionally to deter, identify, investigate and mitigate risks to Anthropic's most critical assets,our people, our data, and our infrastructure.

Responsibilities:

• Triage custom technical detection alerts
• Independently conduct end-to-end insider risk investigations while working closely with IT, Detection and Response, Legal, HR and other cross-functional teams
• Monitor and triage external threats targeting employees
• Conduct sensitive interviews of employees or other involved parties
• Perform technical analysis of logs from SIEM, DLP, UEBA systems
• Leverage AI tools (Claude, Claude Code) to accelerate investigation workflows and data analysis
• Build and maintain investigation documentation
• Assist in iterating and improving on processes, procedures and systems to detect, mitigate and investigate insider risks
• Work cross-functionally to develop, refine and operationalize insider risk indicators, scenarios and mitigation strategies
• Provide rapid-turnaround security assessments to support business operations
• Support education and awareness programs to promote a robust security culture
• Serve as the subject matter expert for insider risk and provide training to team members as needed

You may be a good fit if you have:

• Bachelor's degree and/or higher education in a related field
• 5-8 years of experience in insider risk, corporate investigations or a related domain
• 3-5 years experience in conducting investigative interviews
• Experience conducting OSINT for threat assessment, or counterintelligence
• Experience leveraging DLP, UEBA, SIEM, SOAR and other insider risk security tooling for detections and investigations
• Broad understanding of internal and external investigations, cybersecurity, interview techniques, risk assessment and managing strong cross-functional relationships
• Ability to communicate complex security findings clearly and concisely to non-technical stakeholders (written and verbal)
• Track record of rapid response to time-sensitive security requests
• Comfort operating across organizational boundaries (Security, People, Legal, IT)
• Exceptional communication, collaboration skills and the ability to lead projects with little guidance
• Demonstrated ability to operate independently with minimal oversight while managing sensitive cases

Strong candidates may also have:

• Experience working in the technology industry or at/with AI/ML companies
• Experience with counterintelligence investigations and nation-state threat actor TTPs
• Background in open-source intelligence collection and analysis
• Track record of AI/LLM adoption for productivity gains in investigative work
• Experience contributing to a high growth startup environment
• Specialized knowledge of risks unique to the AI sector
• Experience with data exfiltration investigations across multiple vectors (email, cloud, removable media)
• Experience working in government, defense, or high-security environments

What makes you successful here:

• Entrepreneurial mindset: You see gaps and fill them without being asked
• Technical + human balance: Equal comfort analyzing log data and conducting sensitive interviews
• AI-native approach: You leverage LLMs to work smarter, not just harder
• Mission alignment: You understand AI safety stakes and insider risk's role in protecting that mission
• Judgment under uncertainty: You make sound decisions with incomplete information
• Clear communicator: You distill complex findings into actionable insights for diverse audiences
• Cross-functional navigator: You build relationships and collaborate effectively across teams

Annual compensation range for this role is $245,000-$305,000 USD.

XML job scraping automation by YubHub

Location

San Francisco; New York City; Remote - US; Seattle

Employment Type

Full time

Department

Security

Compensation

• $230K – $385K • Offers Equity

The base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. If the role is non-exempt, overtime pay will be provided consistent with applicable laws. In addition to the salary range listed above, total compensation also includes generous equity, performance-related bonus(es) for eligible employees, and the following benefits.

Benefits

• Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts

• Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)

• 401(k) retirement plan with employer match

• Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)

• Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees

• 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)

• Mental health and wellness support

• Employer-paid basic life and disability coverage

• Annual learning and development stipend to fuel your professional growth

• Daily meals in our offices, and meal delivery credits as eligible

• Relocation support for eligible employees

• Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided.

About the Team

Security is at the foundation of OpenAI’s mission to ensure that artificial general intelligence benefits all of humanity.

The Security team protects OpenAI’s technology, people, and products. We are technical in what we build but are operational in how we do our work, and are committed to supporting all products and research at OpenAI. Our Security team tenets include: prioritizing for impact, enabling researchers, preparing for future transformative technologies, and engaging a robust security culture.

About the Role

As a Security Engineer you will join our OpenAI engineers and researchers in building, operating and securing transformational AI technologies. This role will focus on all aspects of Detection & Response but with a strong emphasis on detecting insider threats and influencing controls to safeguard OpenAI's most sensitive assets. In this role, you will:

Responsibilities

• Innovate on Detection and Response infrastructure to engineer and automate end-to-end detection and investigation workflows.

• Develop, measure, and tune detection rules to ensure effective and sustainable operations.

• Drive projects across OpenAI’s technology stack with a focus on insider threats, ranging from access abuse and intellectual property theft to novel risks emerging within AI infrastructure.

• Partner closely with cross-functional stakeholders, including HR, Legal, and peer investigative teams, providing technical expertise and evidence to support investigations.

• Collaborate on cutting-edge AI research, and use AI to improve OpenAI’s Security posture.

Requirements

• 5+ years experience working in a detection/response or insider-risk role.. We are seeking mid-level and senior candidates.

• You have broad familiarity with operating systems and platforms such as macOS, Windows, Linux, and Kubernetes, along with experience in cloud infrastructure.

• Knowledge of modern adversary tactics and attack paths, data exfiltration techniques, and have experience running and leading incidents.

• Proficiency with a scripting language (e.g. Python, Bash, PowerShell, or similar).

• Independently manage and run projects , balance preventative controls with user friction, and prioritize efforts for risk reduction.

• You’re motivated by securing transformative technology and can adapt familiar security frameworks to new risks in AI infrastructure

About OpenAI

OpenAI is an AI research and deployment company dedicated to ensuring that general-purpose artificial intelligence benefits all of humanity. We push the boundaries of the capabilities of AI systems and seek to safely deploy them to the world through our products. AI is an extremely powerful tool that must be created with safety and human needs at its core, and to achieve our mission, we must encompass and value the many different perspectives, voices, and experiences that form the full spectrum of humanity.

XML job scraping automation by YubHub