As a Staff Security Engineer, you will design and implement scalable triage, prioritization, and remediation-tracking systems across application, infrastructure, and hardware domains. You will set technical standards, drive high-impact initiatives, and mentor engineers through technical leadership, while partnering with leadership on priorities and execution risks.

Key Responsibilities:

• Lead high-complexity VM technical initiatives and deliver architecture decisions for assigned program areas
• Design and build scalable triage automation, including integrations, decision logic, and production hardening
• Implement end-to-end workflow components from assessment and detection to ticket routing and remediation tracking
• Provide deep technical leadership on hardware-adjacent vulnerabilities (GPU firmware, DPU firmware/BlueField, and BMC surfaces)
• Act as senior technical responder for embargoed disclosures and zero-day events, coordinating with owner teams that deploy fixes
• Improve prioritization logic, severity models, and exception workflows through code, design reviews, and technical proposals
• Produce actionable technical metrics and risk insights for leadership consumption
• Lead root-cause analysis for high-impact vulnerability incidents and implement durable technical improvements
• Mentor IC3/IC4/IC5 engineers through design guidance, code review, and incident coaching
• Partner with security, engineering, and operational stakeholders to improve workflow reliability and accelerate remediation outcomes

Requirements:

• 9+ years of relevant experience with demonstrated strategic impact in vulnerability management, application security, platform security, or cloud security engineering
• Proven track record building and scaling security automation (SOAR workflows, AI/ML systems, detection pipelines) in production environments
• Deep subject matter expertise with vulnerability management best practices: CVSS, EPSS, CISA KEV, threat intelligence integration, and risk-based prioritization frameworks
• Excellent development background with strong coding skills in Python, Go, or similar languages for building scalable, production-grade security systems
• Significant experience with modern vulnerability management tooling (for example Wiz, Semgrep, Rapid7, Tenable, or equivalent)
• Experience with specialized infrastructure: GPU/DPU environments, firmware security, hardware vulnerabilities, or high-performance computing
• Demonstrated track record mentoring engineers across levels and driving cross-functional technical initiatives at organizational scale
• Strong business acumen and understanding of how security decisions impact engineering velocity, customer trust, and business outcomes

Preferred Qualifications:

• Practical experience building AI/ML-powered security systems (LLM integration, automated decision-making, human-in-the-loop validation) in production
• Experience managing hardware vendor security partnerships (embargoed disclosures and pre-release collaboration)
• Production experience with security automation platforms such as TINES and serverless frameworks (AWS Lambda, GCP Cloud Functions)
• Strong DevOps, DevSecOps, or SRE background with deep experience in AWS/GCP/Azure cloud services and Infrastructure as Code (Terraform, CloudFormation)
• Deep understanding of Kubernetes security (container scanning, admission controllers, supply chain security, runtime protection)
• Experience leading security programs through rapid hypergrowth (10x+ infrastructure scaling) in startup or cloud-native environments
• Practical experience managing vulnerabilities within a FedRAMP-certified environment or similar regulatory frameworks

Salary and Benefits: The base salary range for this role is $188,000 to $275,000. The starting salary will be determined based on job-related knowledge, skills, experience, and market location. We strive for both market alignment and internal equity when determining compensation. In addition to base salary, our total rewards package includes a discretionary bonus, equity awards, and a comprehensive benefits program (all based on eligibility).

Work Environment:

While we prioritize a hybrid work environment, remote work may be considered for candidates located more than 30 miles from an office, based on role requirements for specialized skill sets. New hires will be invited to attend onboarding at one of our hubs within their first month. Teams also gather quarterly to support collaboration.

XML job scraping automation by YubHub

The ideal candidate has a background in electrical or software engineering, with a focus on platform security, or has pivoted to a product or application security role. They will be able to conduct complex security architecture reviews, research and mitigate exploits against hardware and software, and work with other engineering teams to build resiliency into our products.

As a product security engineer, you will:

• Own the development and maturation of security features for Anduril's products
• Collaborate and build solutions with engineering teams to meet and exceed industry-standard security goals
• Collaborate with security assessment teams to assess Anduril's products and integrated components to uncover potential weaknesses
• Collaborate with manufacturing and operations teams to develop secure handling and operational processes
• Engage with teams to remediate uncovered weaknesses in designs, implementations, integrations, and processes

Required qualifications include:

• Experience with one or more programming languages (e.g. C/C++, Golang, Rust, Python)
• Experience assessing security of firmware, applications, network, IoT, or embedded systems
• Experience developing features for and improving security of firmware, applications, network, or embedded systems
• Experience building, testing, and delivering production-ready systems, especially for embedded and/or Linux systems
• Familiarity with anti-tamper and reverse engineering mechanisms
• Strong and professional communication skills (written and verbal)
• Strong understanding of the 'why' behind product, systems, and security design
• A sincere commitment to a positive, inclusive, and collaborative culture
• Must be eligible to obtain and maintain a U.S. TS clearance

Preferred qualifications include:

• Excels at the above-listed requirements
• Possesses and able to maintain an active U.S. TS Security clearance with SCI and/or SAP eligibility
• Familiarity with security architectures of embedded, aerospace, or cyber-physical systems
• Fluency in modern USG cyber methodologies, including Cyber Survivability guidance and related policy (JSIG, ICD 503, CSEIG, SSECG, NIST SP 800-160, Cyber T&E Guidebook, CMMC, etc.)
• Experience with programmable logic devices and their development tools
• Regularly builds, tests, and delivers production-ready systems, especially for embedded and/or Linux systems

US Salary Range: $156,000-$253,000 USD

XML job scraping automation by YubHub

This role requires expertise in low-level systems security and the ability to architect solutions that balance security requirements with the performance demands of training AI models across our massive fleet.

Responsibilities:

• Design and implement secure boot chains from firmware through OS initialization for diverse hardware platforms (CPUs, BMCs, switches, peripherals, and embedded microcontrollers)

• Architect attestation systems that provide cryptographic proof of system state from hardware root of trust through application layer

• Develop measured boot implementations and runtime integrity monitoring

• Create reference architectures and security requirements for bare-metal deployments

• Integrate security controls with infrastructure teams without impacting training performance

• Prototype and validate security mechanisms before production deployment

• Conduct firmware vulnerability assessments and penetration testing

• Build firmware analysis pipelines for continuous security monitoring

• Document security architectures and maintain threat models

• Collaborate with software and hardware vendors to ensure security capabilities meet our requirements

Who you are:

• 8+ years of experience in systems security, with at least 5 years focused on firmware and hardware security (firmware, bootloaders, and OS-level security)

• Hands-on experience with secure boot, measured boot, and attestation technologies (TPM, Intel TXT, AMD SEV, ARM TrustZone)

• Strong understanding of cryptographic protocols and hardware security modules

• Experience with UEFI/BIOS or embedded firmware security, bootloader hardening, and chain of trust implementation

• Proficiency in low-level programming (C, Rust, Assembly) and systems programming

• Knowledge of firmware vulnerability assessment and threat modeling

• Track record of designing security architectures for complex, distributed systems

• Experience with supply chain security

• Ability to work effectively across hardware and software boundaries

• Knowledge of NIST firmware security guidelines and hardware security frameworks

Strong candidates may also have:

• Experience with confidential computing technologies and hardware-based TEEs

• Knowledge of SLSA framework and software supply chain security standards

• Experience securing large-scale HPC or cloud infrastructure

• Contributions to open-source security projects (coreboot, CHIPSEC, etc.)

• Background in formal verification or security proof techniques

• Experience with silicon root of trust implementations

• Experience working with building foundational technical designs, operational leadership, and vendor collaboration

• Previous work with AI/ML infrastructure security

Annual Salary: $405,000-$485,000 USD

Logistics:

• Minimum education: Bachelor’s degree or an equivalent combination of education, training, and/or experience

• Required field of study: A field relevant to the role as demonstrated through coursework, training, or professional experience

• Minimum years of experience: Years of experience required will correlate with the internal job level requirements for the position

• Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices.

• Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this.

Why work with us?

• Competitive compensation and benefits

• Optional equity donation matching

• Generous vacation and parental leave

• Flexible working hours

• Lovely office space in which to collaborate with colleagues

Guidance on Candidates' AI Usage: Learn about our policy for using AI in our application process

XML job scraping automation by YubHub

You will be the technical authority on hardware root of trust, secure boot, firmware integrity, embedded system hardening, and the security of third-party hardware integrations. Your work ensures that every component on the vessel is resilient against tampering, exploitation, and supply chain compromise, designed in from the start and maintained across the fleet lifecycle.

Key Responsibilities:

• Conduct hardware security assessments including fault injection, side-channel analysis, interface evaluation, and bus protocol analysis across Saronic-built and third-party hardware including sensors, radios, navigation systems, propulsion controllers, and communication modules

• Evaluate and harden physical interfaces, debug ports, maintenance access points, and removable media interfaces on vessel hardware

• Evaluate supply chain security risks for hardware components and recommend provenance validation, anti-tamper, and attestation controls

• Develop and maintain a hardware security testing capability including tooling, methodology, and repeatable test procedures

• Design and implement secure boot chains establishing hardware root of trust from power-on through application launch, integrating TPM, secure elements, and HSMs for device identity, key storage, measured boot, and remote attestation

• Design and implement secure firmware update mechanisms including signed updates, rollback protection, and verified delivery across the fleet

• Own the cryptographic key lifecycle for hardware-bound keys, including provisioning, rotation, revocation, and escrow

• Harden embedded Linux systems on vessel platforms, including kernel configuration, mandatory access controls, secure IPC, and attack surface reduction

• Secure operational technology protocols and interfaces used in vessel control systems, propulsion, navigation, and sensor fusion including CAN bus, NMEA, and maritime/industrial communication protocols

• Define security boundaries, trust zones, and segmentation strategies for vessel-internal compute and communication architectures

• Drive threat modeling across vessel hardware subsystems and translate findings into actionable engineering requirements

• Produce secure-by-design reference architectures and define hardware and firmware security standards, testing requirements, and acceptance criteria integrated into engineering workflows

Required Qualifications:

• 6+ years of hands-on experience in hardware security, embedded systems security, firmware security, or a closely related security engineering role

• Deep expertise in hardware hacking techniques including fault injection, side-channel attacks, JTAG/SWD exploitation, bus sniffing/injection, and physical security assessments

• Demonstrated experience designing and implementing secure boot chains, hardware root of trust, and secure firmware update mechanisms in production systems

• Strong experience assessing third-party hardware integrations and evaluating supply chain security risks

• Deep knowledge of embedded Linux security hardening, kernel security, and mandatory access control frameworks

• Experience with operational technology security, industrial protocols, or control system security

• Proficiency in C, C++, Python, or Rust in the context of firmware, embedded, or systems-level security work, and with hardware security testing tools

• Ability to obtain and maintain a security clearance

Preferred Qualifications:

• Experience in defense, aerospace, robotics, autonomy, maritime, or other high-assurance environments

• Experience with autonomous systems, unmanned vehicles, or safety-critical embedded platforms

• Experience with RTOS, microcontroller security, or resource-constrained device environments

• Knowledge of CAN bus, NMEA protocols, maritime communication systems, RF/GPS/GNSS security, or ICS security standards

• Familiarity with defense or safety-critical compliance frameworks (NIST SP 800-53, IEC 62443, Common Criteria, or equivalent)

• Relevant certifications such as OSEE, GXPN, GSE, or hardware-focused credentials

XML job scraping automation by YubHub

We're seeking a Platform Hardware Security Engineer to design and implement security architectures for bare-metal infrastructure. You'll work with teams across Anthropic to build firmware, bootloaders, operating systems, and attestation systems to ensure the integrity of our infrastructure from the ground up.

This role requires expertise in low-level systems security and the ability to architect solutions that balance security requirements with the performance demands of training AI models across our massive fleet.

What you'll do:

• Design and implement secure boot chains from firmware through OS initialization for diverse hardware platforms (CPUs, BMCs, switches, peripherals, and embedded microcontrollers)
• Architect attestation systems that provide cryptographic proof of system state from hardware root of trust through application layer
• Develop measured boot implementations and runtime integrity monitoring
• Create reference architectures and security requirements for bare-metal deployments
• Integrate security controls with infrastructure teams without impacting training performance
• Prototype and validate security mechanisms before production deployment
• Conduct firmware vulnerability assessments and penetration testing
• Build firmware analysis pipelines for continuous security monitoring
• Document security architectures and maintain threat models
• Collaborate with software and hardware vendors to ensure security capabilities meet our requirements

Who you are:

• 8+ years of experience in systems security, with at least 5 years focused on firmware and hardware security (firmware, bootloaders, and OS-level security)
• Hands-on experience with secure boot, measured boot, and attestation technologies (TPM, Intel TXT, AMD SEV, ARM TrustZone)
• Strong understanding of cryptographic protocols and hardware security modules
• Experience with UEFI/BIOS or embedded firmware security, bootloader hardening, and chain of trust implementation
• Proficiency in low-level programming (C, Rust, Assembly) and systems programming
• Knowledge of firmware vulnerability assessment and threat modeling
• Track record of designing security architectures for complex, distributed systems
• Experience with supply chain security
• Ability to work effectively across hardware and software boundaries
• Knowledge of NIST firmware security guidelines and hardware security frameworks

Strong candidates may also have:

• Experience with confidential computing technologies and hardware-based TEEs
• Knowledge of SLSA framework and software supply chain security standards
• Experience securing large-scale HPC or cloud infrastructure
• Contributions to open-source security projects (coreboot, CHIPSEC, etc.)
• Background in formal verification or security proof techniques
• Experience with silicon root of trust implementations
• Experience working with building foundational technical designs, operational leadership, and vendor collaboration
• Previous work with AI/ML infrastructure security

Logistics

• Education requirements: We require at least a Bachelor's degree in a related field or equivalent experience.
• Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices.
• Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this.

We encourage you to apply even if you do not believe you meet every single qualification. Not all strong candidates will meet every single qualification as listed. Research shows that people who identify as being from underrepresented groups are more prone to experiencing imposter syndrome and doubting the strength of their candidacy, so we urge you not to exclude yourself prematurely and to submit an application if you're interested in this work.

Your safety matters to us. To protect yourself from potential scams, remember that Anthropic recruiters only contact you from @anthropic.com email addresses. In some cases, we may partner with vetted recruiting agencies who will identify themselves as working on behalf of Anthropic. Be cautious of emails from other domains. Legitimate Anthropic recruiters will never ask for money, fees, or banking information before your first day. If you're ever unsure about a communication, don't click any links—visit anthropic.com/careers directly for confirmed position openings.

How we're different

We believe that the highest-impact AI research will be big science. At Anthropic we work as a single cohesive team on just a few large-scale research efforts.

XML job scraping automation by YubHub