This role requires expertise in low-level systems security and the ability to architect solutions that balance security requirements with the performance demands of training AI models across our massive fleet.

Responsibilities:

• Design and implement secure boot chains from firmware through OS initialization for diverse hardware platforms (CPUs, BMCs, switches, peripherals, and embedded microcontrollers)

• Architect attestation systems that provide cryptographic proof of system state from hardware root of trust through application layer

• Develop measured boot implementations and runtime integrity monitoring

• Create reference architectures and security requirements for bare-metal deployments

• Integrate security controls with infrastructure teams without impacting training performance

• Prototype and validate security mechanisms before production deployment

• Conduct firmware vulnerability assessments and penetration testing

• Build firmware analysis pipelines for continuous security monitoring

• Document security architectures and maintain threat models

• Collaborate with software and hardware vendors to ensure security capabilities meet our requirements

Who you are:

• 8+ years of experience in systems security, with at least 5 years focused on firmware and hardware security (firmware, bootloaders, and OS-level security)

• Hands-on experience with secure boot, measured boot, and attestation technologies (TPM, Intel TXT, AMD SEV, ARM TrustZone)

• Strong understanding of cryptographic protocols and hardware security modules

• Experience with UEFI/BIOS or embedded firmware security, bootloader hardening, and chain of trust implementation

• Proficiency in low-level programming (C, Rust, Assembly) and systems programming

• Knowledge of firmware vulnerability assessment and threat modeling

• Track record of designing security architectures for complex, distributed systems

• Experience with supply chain security

• Ability to work effectively across hardware and software boundaries

• Knowledge of NIST firmware security guidelines and hardware security frameworks

Strong candidates may also have:

• Experience with confidential computing technologies and hardware-based TEEs

• Knowledge of SLSA framework and software supply chain security standards

• Experience securing large-scale HPC or cloud infrastructure

• Contributions to open-source security projects (coreboot, CHIPSEC, etc.)

• Background in formal verification or security proof techniques

• Experience with silicon root of trust implementations

• Experience working with building foundational technical designs, operational leadership, and vendor collaboration

• Previous work with AI/ML infrastructure security

Annual Salary: $405,000-$485,000 USD

Logistics:

• Minimum education: Bachelor’s degree or an equivalent combination of education, training, and/or experience

• Required field of study: A field relevant to the role as demonstrated through coursework, training, or professional experience

• Minimum years of experience: Years of experience required will correlate with the internal job level requirements for the position

• Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices.

• Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this.

Why work with us?

• Competitive compensation and benefits

• Optional equity donation matching

• Generous vacation and parental leave

• Flexible working hours

• Lovely office space in which to collaborate with colleagues

Guidance on Candidates' AI Usage: Learn about our policy for using AI in our application process

XML job scraping automation by YubHub

XML job scraping automation by YubHub

About Engineering at Engine by Starling

At Engine by Starling, we don't do 'checkbox security',we build security software. We treat security as a first-class engineering discipline, where the solution to a threat isn't a policy, but a robust, concurrent system written in Go.

As a Cloud Security Software Engineer, you will be a hands-on builder responsible for the security architecture of our multi-tenant core banking platform. You'll spend your days architecting and writing Go-based tooling, automating defenses, and ensuring our infrastructure across AWS and GCP is secure by design and compliant by default.

The Mission

Your mission is to solve complex security problems through software engineering, focusing on three core pillars:

• Identity & Network Security: Engineering high-performance IAM controls and zero-trust network architectures. You will lead the way in refining edge-defense strategies and trust redirection, ensuring every request is verified and encrypted at scale.
• Unified Vulnerability Orchestration: Architecting a custom 'single pane of glass' for security data. You will build Go-based API integrations and microservices that bridge scanning engines, dependency trackers, and internal portals into a seamless, automated ecosystem.
• Compliance as Code: Building the automated systems that provide real-time evidence for frameworks like SOC 2, ISO 27001 & PCI. You’ll ensure we stay compliant through continuous, automated validation rather than manual overhead.

The Team

You will be a key member of our growing Security Engineering team, working at the intersection of Infrastructure, Cross-Cutting, and GRC. We operate like a specialized product team: we identify security friction and build the software to eliminate it. You won’t work in a silo; you’ll collaborate with engineers across the business to deliver a platform that is resilient by default.

About You

We are looking for Software Engineers who are passionate about the Go ecosystem and want to apply those skills to mission-critical security challenges. Whether you come from a Security Engineering background or you are a Backend Engineer with a 'security-first' mindset, we value your ability to write clean, maintainable, and efficient code.

What you’ll get to do

• Engineering Security Tooling: Lead the design and maintenance of our internal security tool suite, written primarily in Go, to automate evidence collection and real-time remediation of security alerts.
• Infrastructure as Code: Write and peer-review Terraform and custom providers to manage identity and core infrastructure across AWS and GCP.
• Supply Chain Security: Build automated systems to manage container provenance and integrate security analysis into our CI/CD pipelines (GitHub Actions/TeamCity).
• Cloud Native Defense: Engineer Kubernetes security solutions leveraging Cilium, eBPF, and custom controllers to protect our microservices.
• Cryptographic Engineering (PKI): Build and maintain our Go-based Certificate Authority (CA) tooling and internal PKI infrastructure.
• Incident Response: Support the team in automated incident response, building the tools that help us investigate and mitigate threats faster.

Requirements

What skills are essential:

• Go Specialist: You are proficient in Go. You understand its concurrency models, testing patterns, and how to build idiomatic, performant services.
• The Builder Mindset: You find manual work a personal affront. If a task needs to be done twice, you’ve already started planning the automation for it.
• Cloud Native: Practical experience with AWS or GCP, ideally managed through Terraform.
• Container Expertise: You understand Kubernetes internals,from the runtime security to the service mesh.
• Identity & Networking: Strong understanding of cloud identity models and network protocols.

What skills are desirable:

• Experience with Cilium or eBPF-based security monitoring.
• Knowledge of Sigstore/Cosign, image provenance, and SBOMs.
• Familiarity with hardware security modules (HSMs) or advanced cryptography.
• Cloud-native security certifications (AWS/GCP).

Benefits

• 33 days holiday (including public holidays, which you can take when it works best for you)
• An extra day’s holiday for your birthday
• Annual leave is increased with length of service, and you can choose to buy or sell up to five extra days off
• 16 hours paid volunteering time a year
• Salary sacrifice, company enhanced pension scheme
• Life insurance at 4x your salary & group income protection
• Private Medical Insurance with VitalityHealth including mental health support and cancer care. Partner benefits include discounts with Waitrose, Mr&Mrs Smith and Peloton
• Generous family-friendly policies
• Incentives refer a friend scheme
• Perkbox membership giving access to retail discounts, a wellness platform for physical and mental health, and weekly free and boosted perks
• Access to initiatives like Cycle to Work, Salary Sacrificed Gym partnerships and Electric Vehicle (EV) leasing

XML job scraping automation by YubHub

We're seeking a Platform Hardware Security Engineer to design and implement security architectures for bare-metal infrastructure. You'll work with teams across Anthropic to build firmware, bootloaders, operating systems, and attestation systems to ensure the integrity of our infrastructure from the ground up.

This role requires expertise in low-level systems security and the ability to architect solutions that balance security requirements with the performance demands of training AI models across our massive fleet.

What you'll do:

• Design and implement secure boot chains from firmware through OS initialization for diverse hardware platforms (CPUs, BMCs, switches, peripherals, and embedded microcontrollers)
• Architect attestation systems that provide cryptographic proof of system state from hardware root of trust through application layer
• Develop measured boot implementations and runtime integrity monitoring
• Create reference architectures and security requirements for bare-metal deployments
• Integrate security controls with infrastructure teams without impacting training performance
• Prototype and validate security mechanisms before production deployment
• Conduct firmware vulnerability assessments and penetration testing
• Build firmware analysis pipelines for continuous security monitoring
• Document security architectures and maintain threat models
• Collaborate with software and hardware vendors to ensure security capabilities meet our requirements

Who you are:

• 8+ years of experience in systems security, with at least 5 years focused on firmware and hardware security (firmware, bootloaders, and OS-level security)
• Hands-on experience with secure boot, measured boot, and attestation technologies (TPM, Intel TXT, AMD SEV, ARM TrustZone)
• Strong understanding of cryptographic protocols and hardware security modules
• Experience with UEFI/BIOS or embedded firmware security, bootloader hardening, and chain of trust implementation
• Proficiency in low-level programming (C, Rust, Assembly) and systems programming
• Knowledge of firmware vulnerability assessment and threat modeling
• Track record of designing security architectures for complex, distributed systems
• Experience with supply chain security
• Ability to work effectively across hardware and software boundaries
• Knowledge of NIST firmware security guidelines and hardware security frameworks

Strong candidates may also have:

• Experience with confidential computing technologies and hardware-based TEEs
• Knowledge of SLSA framework and software supply chain security standards
• Experience securing large-scale HPC or cloud infrastructure
• Contributions to open-source security projects (coreboot, CHIPSEC, etc.)
• Background in formal verification or security proof techniques
• Experience with silicon root of trust implementations
• Experience working with building foundational technical designs, operational leadership, and vendor collaboration
• Previous work with AI/ML infrastructure security

Logistics

• Education requirements: We require at least a Bachelor's degree in a related field or equivalent experience.
• Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices.
• Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this.

We encourage you to apply even if you do not believe you meet every single qualification. Not all strong candidates will meet every single qualification as listed. Research shows that people who identify as being from underrepresented groups are more prone to experiencing imposter syndrome and doubting the strength of their candidacy, so we urge you not to exclude yourself prematurely and to submit an application if you're interested in this work.

Your safety matters to us. To protect yourself from potential scams, remember that Anthropic recruiters only contact you from @anthropic.com email addresses. In some cases, we may partner with vetted recruiting agencies who will identify themselves as working on behalf of Anthropic. Be cautious of emails from other domains. Legitimate Anthropic recruiters will never ask for money, fees, or banking information before your first day. If you're ever unsure about a communication, don't click any links—visit anthropic.com/careers directly for confirmed position openings.

How we're different

We believe that the highest-impact AI research will be big science. At Anthropic we work as a single cohesive team on just a few large-scale research efforts.

XML job scraping automation by YubHub

Location

San Francisco; Remote - US

Employment Type

Full time

Department

Consumer Products

Compensation

• $292K – $490K • Offers Equity

The base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. If the role is non-exempt, overtime pay will be provided consistent with applicable laws. In addition to the salary range listed above, total compensation also includes generous equity, performance-related bonus(es) for eligible employees, and the following benefits.

Benefits

• Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts

• Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)

• 401(k) retirement plan with employer match

• Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)

• Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees

• 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)

• Mental health and wellness support

• Employer-paid basic life and disability coverage

• Annual learning and development stipend to fuel your professional growth

• Daily meals in our offices, and meal delivery credits as eligible

• Relocation support for eligible employees

• Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided.

About the Team

The Encryption team works across product, engineering, security, and safety to build advanced privacy products and infrastructure at OpenAI. Our mission is to provide world-class security features to users so their private data remains private, even from OpenAI. We use technologies like client-side encryption, hardware security modules (HSMs), and trusted execution environments (TEEs), and design modern crypto, storage, and authentication protocols to ship product features across ChatGPT and our future consumer devices.

About the Role

We’re looking for software engineers to design, build, and scale novel privacy features and infrastructure across ChatGPT and our future consumer devices.

In this role, you will:

• Ship fast while balancing difficult trade-offs in complex domains

• Build core abstractions for encrypted storage, sync, and recovery, especially when paired with inference in trusted execution environments

• Build product features for authentication, encryption, and storage across ChatGPT and future consumer devices

• Build and maintain infrastructure for hardware security modules (HSMs)

• Integrate with private inference and computing infrastructure

• Operate systems at scale with high reliability, including an on-call rotation

• Collaborate with a diverse set of cross-functional teams across product, engineering, security, safety, policy, and legal

You might thrive in this role if you:

• Care deeply about user privacy and security

• Have 5+ years of experience in professional software engineering

• Have experience designing end-to-end encryption protocols (e.g. Labyrinth)

• Have experience building intuitive authentication experiences for users

• Have experience building and scaling HSM infra under strict security requirements (e.g. Juicebox)

• Take pride in building and operating scalable, reliable, secure systems

• Can collaborate well and drive alignment in the face of difficult trade-offs

• Are comfortable with ambiguity and rapid change

Workplace & Location

This role may be based in San Francisco, CA or remotely in the US with occasional travel to our HQ. We use a hybrid work model of 3 days in the office per week and offer relocation assistance to new employees.

About OpenAI

OpenAI is an AI research and deployment company dedicated to ensuring that general-purpose artificial intelligence benefits all of humanity. We push the boundaries of the capabilities of AI systems and seek to safely deploy them to the world through our products. AI is an extremely powerful tool that must be created with safety and human needs at its core, and to achieve our mission, we must encompass and value the many different perspectives, voices, and experiences that form the full spectrum of humanity.

XML job scraping automation by YubHub

About the Team

The Encryption team works across product, engineering, security, and safety to build advanced privacy products and infrastructure at OpenAI. Our mission is to provide world-class security features to users so their private data remains private, even from OpenAI. We use technologies like client-side encryption, hardware security modules (HSMs), and trusted execution environments (TEEs), and design modern crypto, storage, and authentication protocols to ship product features across ChatGPT and our future consumer devices.

About the Role

We’re looking for software engineers to design, build, and scale novel privacy features and infrastructure across ChatGPT and our future consumer devices.

In this role, you will:

• Ship fast while balancing difficult trade-offs in complex domains

• Build core abstractions for encrypted storage, sync, and recovery, especially when paired with inference in trusted execution environments

• Build product features for authentication, encryption, and storage across ChatGPT and future consumer devices

• Build and maintain infrastructure for hardware security modules (HSMs)

• Integrate with private inference and computing infrastructure

• Operate systems at scale with high reliability, including an on-call rotation

• Collaborate with a diverse set of cross-functional teams across product, engineering, security, safety, policy, and legal

You might thrive in this role if you:

• Care deeply about user privacy and security

• Have 5+ years of experience in professional software engineering

• Have experience designing end-to-end encryption protocols (e.g. Labyrinth)

• Have experience building intuitive authentication experiences for users

• Have experience building and scaling HSM infra under strict security requirements (e.g. Juicebox)

• Take pride in building and operating scalable, reliable, secure systems

• Can collaborate well and drive alignment in the face of difficult trade-offs

• Are comfortable with ambiguity and rapid change

Workplace & Location

This role may be based remotely in the UK or EU with occasional travel to our HQ. We use a hybrid work model of 3 days in the office per week and offer relocation assistance to new employees.

About OpenAI

OpenAI is an AI research and deployment company dedicated to ensuring that general-purpose artificial intelligence benefits all of humanity. We push the boundaries of the capabilities of AI systems and seek to safely deploy them to the world through our products. AI is an extremely powerful tool that must be created with safety and human needs at its core, and to achieve our mission, we must encompass and value the many different perspectives, voices, and experiences that form the full spectrum of humanity.

XML job scraping automation by YubHub