{"version":"0.1","company":{"name":"YubHub","url":"https://yubhub.co","jobsUrl":"https://yubhub.co/jobs/skill/developer-tooling-and-supply-chain"},"x-facet":{"type":"skill","slug":"developer-tooling-and-supply-chain","display":"Developer Tooling And Supply Chain","count":1},"x-feed-size-limit":100,"x-feed-sort":"enriched_at desc","x-feed-notice":"This feed contains at most 100 jobs (the most recently enriched). For the full corpus, use the paginated /stats/by-facet endpoint or /search.","x-generator":"yubhub-xml-generator","x-rights":"Free to redistribute with attribution: \"Data by YubHub (https://yubhub.co)\"","x-schema":"Each entry in `jobs` follows https://schema.org/JobPosting. YubHub-native raw fields carry `x-` prefix.","jobs":[{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_21e4422b-13c"},"title":"Security Engineer - Threat Intel","description":"<p>As a Threat Intelligence Engineer at Anthropic, you will be a hands-on practitioner responsible for producing actionable intelligence that drives our detections, hunts, and defensive priorities. You will track the adversaries most likely to target a frontier AI lab, build the tooling and pipelines that turn raw indicators into operational defenses, and work shoulder-to-shoulder with detection engineers and incident responders to make sure intelligence actually changes outcomes.</p>\n<p>Key responsibilities include:</p>\n<ul>\n<li>Research, track, and report on threat actors and campaigns targeting AI labs, cloud infrastructure, and the broader technology sector , producing timely, actionable intelligence for Security Engineering stakeholders</li>\n<li>Build and maintain tooling and automated pipelines to collect, enrich, correlate, and operationalize indicators of compromise into our detection and alerting stack</li>\n<li>Develop and execute intelligence-driven threat hunts across endpoint, cloud, identity, and SaaS telemetry, and turn findings into durable detections</li>\n<li>Perform technical analysis of malware, phishing infrastructure, and attacker tooling to extract indicators, TTPs, and attribution signals</li>\n<li>Partner with Detection Engineering and Incident Response to translate intelligence into detection rules, hunting hypotheses, and incident context in near-real-time</li>\n<li>Curate and triage inbound intelligence from commercial feeds, open source, government, and trusted peer relationships , prioritizing what matters for Anthropic&#39;s threat model</li>\n<li>Contribute to threat models and risk assessments that inform security architecture and defensive investment across the enterprise</li>\n<li>Build and maintain external intelligence-sharing relationships with peer companies, ISACs, and government partners</li>\n</ul>\n<p>You may be a good fit if you:</p>\n<ul>\n<li>Have 5+ years of hands-on experience in cyber threat intelligence, threat hunting, or intrusion analysis at an organization facing sophisticated adversaries</li>\n<li>Have deep, demonstrable knowledge of specific nation-state or advanced criminal threat actors , their tooling, infrastructure patterns, tradecraft, and targeting</li>\n<li>Are a strong engineer: you write production-quality Python (or similar), have built automation and data pipelines, and don&#39;t need to hand requirements to someone else to get tooling built</li>\n<li>Are comfortable performing malware analysis, infrastructure analysis (passive DNS, certificate pivoting, netflow), and log analysis to develop and validate your own findings</li>\n<li>Have experience authoring detection logic (YARA, Sigma, Snort/Suricata, or SIEM-native queries) and understand what makes a detection durable vs. brittle</li>\n<li>Can write clearly and concisely , your intelligence products are read and acted on, not filed away</li>\n<li>Have an existing network in the threat intelligence community and a track record of productive bidirectional sharing</li>\n</ul>\n<p>Strong candidates may have:</p>\n<ul>\n<li>Experience defending cloud-native and research-heavy environments (AWS/GCP, Kubernetes, ML infrastructure, developer tooling and supply chain)</li>\n<li>Prior work operating in a threat intelligence role tracking sophisticated or state-sponsored adversaries, where your analysis directly informed detection, threat hunting, and incident response</li>\n<li>Experience applying LLMs or other AI tooling to accelerate intelligence collection, enrichment, and analysis</li>\n<li>Public research, conference talks, or open-source tooling contributions in the CTI space</li>\n</ul>\n<p style=\"margin-top:24px;font-size:13px;color:#666;\">XML job scraping automation by <a href=\"https://yubhub.co\">YubHub</a></p>","url":"https://yubhub.co/jobs/job_21e4422b-13c","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Anthropic","sameAs":"https://www.anthropic.com/","logo":"https://logos.yubhub.co/anthropic.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/anthropic/jobs/5195705008","x-work-arrangement":"hybrid","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":"$320,000-$405,000 USD","x-skills-required":["Python","Cyber threat intelligence","Threat hunting","Intrusion analysis","Malware analysis","Infrastructure analysis","Log analysis","Detection logic","YARA","Sigma","Snort/Suricata","SIEM-native queries"],"x-skills-preferred":["Cloud-native environments","Research-heavy environments","Kubernetes","ML infrastructure","Developer tooling and supply chain","LLMs or other AI tooling"],"datePosted":"2026-04-24T13:11:06.052Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"New York City, NY; Remote-Friendly (Travel-Required) | San Francisco, CA | Washington, DC; San Francisco, CA | New York City, NY"}},"jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"Python, Cyber threat intelligence, Threat hunting, Intrusion analysis, Malware analysis, Infrastructure analysis, Log analysis, Detection logic, YARA, Sigma, Snort/Suricata, SIEM-native queries, Cloud-native environments, Research-heavy environments, Kubernetes, ML infrastructure, Developer tooling and supply chain, LLMs or other AI tooling","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":320000,"maxValue":405000,"unitText":"YEAR"}}}]}