About Anthropic

Anthropic's mission is to create reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our users and for society as a whole.

About the Role

Security at Anthropic is not a compliance exercise. It is a core part of how we stay safe as we build increasingly capable systems. Our Responsible Scaling Policy commits us to launching structured security R&D projects: ambitious, time-boxed experiments designed to resolve high-uncertainty questions about our long-term security posture.

Each project runs for roughly 6 months with defined exit criteria. Some will succeed and move toward production. Others will fail, and we'll treat that as useful signals. The questions these projects are designed to answer include:

• Can our core research workflows survive extreme isolation?

• Can we get cryptographic guarantees where we currently rely on trust?

• Can AI become our most effective security control?

As a Security Labs Engineer, you own one or more projects end-to-end: scoping the experiment, building the infrastructure, coordinating across teams, running the pilot, documenting results, and where the experiment succeeds, helping scale it into production. This is 0-to-1 and 1-to-10 work.

Current Project Areas

The portfolio evolves based on what we learn. Current areas include:

• Designing and operating a mock high-assurance research environment: simulating what our infrastructure would look like under extreme isolation and physical security controls, with real measurement of productivity impact

• Exploring cryptographic verification of model integrity using techniques like zero-knowledge proofs to provide mathematical guarantees about what is running in production

• Assessing the feasibility of confidential computing across the full model lifecycle (note: this is an open question, not a committed roadmap item)

• Piloting AI-assisted security tooling including vulnerability discovery, automated patching, anomaly detection, and adaptive behavioral monitoring

• Prototyping API-only access regimes where even internal research workflows never touch raw model weights

Part of your job is helping shape what comes next based on gaps uncovered in the current round.

Responsibilities

• Own the end-to-end execution of a Security Labs project: refine the hypothesis, design the experiment, build the prototype, run the pilot, and write up the results

• Build novel security infrastructure under real time pressure: isolated clusters, hardened access controls, cryptographic verification layers, with a bias toward learning fast

• Where experiments succeed, drive them toward production scale. An experiment that works on one cluster but not a hundred is not a finished result.

• Work embedded with research teams (Pretraining, RL, Inference) to stress-test whether their core workflows can function under extreme security controls, and document precisely where they break

• Evaluate and integrate emerging security technologies through coordination with external vendors and research groups

• Turn experimental results into clear, decision-ready writeups that inform Anthropic's long-term security architecture and RSP commitments

• Maintain a pain-point registry and feasibility assessment for each project, feeding directly into the design of production high-assurance environments

• Help scope and prioritize the next wave of Labs projects based on what the current round uncovers

Requirements

• 7+ years of software or security engineering experience, with a solid foundation in production systems

• Some of that time spent on pilots, prototypes, or applied research work where shipping a working answer to a hard question was the explicit goal

• Strong programming skills in Python and at least one systems language (Go, Rust, or C/C++)

• Hands-on experience with cloud infrastructure (AWS, GCP, or Azure), Kubernetes, and networking fundamentals sufficient to stand up and tear down isolated environments quickly

• A track record of cross-functional execution: you can walk into a room with ML researchers, infrastructure engineers, and vendors and leave with a shared plan

• Clear written communication: you know how to turn six weeks of experimentation into a two-page memo someone can act on

• Comfort with ambiguity and iteration, having run experiments that failed, extracted the lesson, and moved forward

• Genuine curiosity about what it would actually take to defend against a nation-state-level adversary

• Passion for AI safety and a real understanding of the role security plays in making frontier AI development go well

• Bachelor's degree in Computer Science, a related field, or equivalent industry experience required.

Preferred Qualifications

• Prior experience in offensive security, red teaming, or security research, having thought adversarially about systems and knowing which threats actually matter

• Familiarity with airgapped or high-side environments (classified networks, ICS/SCADA, financial trading infrastructure, or similar) and the operational realities of working inside them

• Knowledge of applied cryptography: zero-knowledge proofs, attestation protocols, secure enclaves, TPMs, or confidential computing primitives

• Experience with ML infrastructure (training pipelines, inference serving, model packaging) sufficient for grounded conversations with researchers about what their workflows actually need

• Background building or operating security systems in environments that demand rapid iteration rather than rigid change control

• Prior work at a startup, on an innovation team, or in an applied research group where shipping a working v0 to answer a real question was explicitly the goal

Location

This role is based in our San Francisco office (500 Howard St). Several Labs projects involve physical secure facilities on-site, so expect to be in-office more frequently than Anthropic's standard 25% hybrid baseline.

What We Offer

• Competitive salary and equity package

• Comprehensive health insurance and retirement plans

• Flexible work arrangements, including remote work options

• Professional development opportunities, including training and conference attendance

• Collaborative and dynamic work environment

• Access to cutting-edge technology and resources

• Opportunity to work on challenging and impactful projects

• Recognition and rewards for outstanding performance

If you're excited about the opportunity to join our team and contribute to the development of secure and beneficial AI systems, please submit your application. We can't wait to hear from you!

Deadline to Apply

None, applications will be received on a rolling basis.

Annual Compensation Range

$405,000 - $485,000 USD

Logistics

Minimum education: Bachelor’s degree or an equivalent combination of education, training, and/or experience

Required field of study: A field relevant to the role as demonstrated through coursework, training, or professional experience

Minimum years of experience: Years of experience required will correlate with the internal job level requirements for the position

Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices.

Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with the process.

XML job scraping automation by YubHub

You'll conduct hands-on penetration testing, lead red team engagements, and collaborate with blue team counterparts to validate and improve detection and response capabilities. Your work will directly influence how Stripe builds, ships, and secures financial infrastructure used by millions of businesses worldwide.

Responsibilities:

Conduct comprehensive penetration tests across web applications, APIs, cloud environments (AWS/GCP/Azure), mobile applications, and internal infrastructure.

Plan and execute red team engagements that emulate the TTPs of cyber and criminal threat actors targeting financial services, including initial access, lateral movement, persistence, and data exfiltration scenarios.

Perform assumed-breach and objective-based assessments to test detection and response capabilities in coordination with defensive teams.

Partner with detection engineering, threat intelligence, and incident response teams to validate security controls, identify coverage gaps, and improve detection fidelity.

Contribute adversary tradecraft insights to inform detection rule development, threat hunting hypotheses, and incident response playbooks.

Support incident investigations by providing offensive expertise, log analysis, and root cause analysis when required.

Design, develop, and maintain custom offensive tools, scripts, and automation frameworks to enhance assessment efficiency and coverage.

Build internal platforms and workflows that enable scalable, repeatable offensive operations.

Contribute to internal security tooling repositories and champion engineering best practices within the team.

Automate repetitive testing tasks, payload generation, and reporting workflows using modern development practices.

Produce clear, actionable reports that communicate technical findings, business risk, and remediation guidance to both technical and non-technical stakeholders.

Act as a subject-matter expert and primary point of contact for stakeholder teams engaged in offensive security programs and Stripe-wide security initiatives.

Lead offensive security projects end-to-end, mentor junior team members, and foster a culture of continuous learning and knowledge sharing.

Stay current with emerging threats, vulnerabilities, and attack techniques; share research internally and contribute to the broader security community.

XML job scraping automation by YubHub

In this role, you will:

Perform manual and automated testing of web applications, APIs, and mobile apps (iOS/Android). Conduct network and cloud level assessments with various tooling. Triage and validate reports from automated scanners or bug bounty hunters to eliminate false positives and escalate true positives. Perform initial prompt injection and jailbreak tests on AI prototypes, services, and applications using established checklists (OWASP Top 10 for LLMs). Draft high-quality reports that detail the "path to compromise" with clear, reproducible steps for developers. Manage and update the team's testing infrastructure (e.g., Burp Suite, and basic C2 listeners). Provide direct technical guidance to engineering teams on how to patch vulnerabilities like XSS, SQLi, and IDOR. Design and lead multi-week Red Team operations that mimic specific threat actors (APTs) to test the SIRT detection capabilities. Build custom payloads, droppers, and obfuscated scripts to bypass EDR/AV and maintain stealth. Build automated testing frameworks for AI systems (e.g., using PyRIT, Promptfoo, or Garak) to test for models related to sensitive data leakage. Execute sophisticated attacks against AWS/Azure/K8s, focusing on IAM misconfigurations and container escapes. Collaborate with SIRT and Detection Engineering to tune SIEM alerts based on the techniques used during an engagement. Oversee the organization's bug bounty program, identifying trends in submissions to suggest broad architectural security changes.

Twilio values diverse experiences from all kinds of industries, and we encourage everyone who meets the required qualifications to apply.

XML job scraping automation by YubHub

Your expertise will be crucial in building proactive security strategies that align with our business goals and protect the company from an ever-evolving threat landscape. This position demands deep expertise in security principles and a comprehensive understanding of the entire infrastructure stack and IAM systems to design robust, future-ready security solutions.

You will be instrumental in safeguarding our systems' resilience and integrity against ever-evolving cyber threats. You will play a critical role in shaping our security strategy for modern platforms across AWS, Azure, GCP, network infrastructure, storage, and SaaS solutions, help establish a strong least privilege (PoLP) model, providing specialized IAM expertise, and securely supporting SaaS with sensitive information (NHI).

You will also be a key contributor in building our internal strategy for secure AI development. Additionally, you will support the secure integration of SaaS platforms such as Google Workspace, collaboration tools, and GTM systems, maintaining alignment with enterprise security standards.

Close collaboration with cross-functional teams is essential to embed security throughout the technology stack.

The impact you will have:

• Design and implement secure, scalable reference architectures for the Databricks IT across Cloud Infra (Compute, DBs, Network, Storage), SaaS, Custom Built Applications, Data & AI systems.
• Establish and enforce security controls for: Core Security Areas: - Databricks Workspace Management: Workspace isolation, Unity Catalog for data governance.
• Secure Networking: VPC configs, PrivateLink, IP Allow Lists.
• Identity and Access Management (IAM): SSO, SCIM user provisioning, RBAC via Un, Strong MFA best practices for enterprise identities and customers.
• Data Encryption: At rest and in transit, customer-managed keys for critical assets.
• Data Exfiltration Prevention: Admin console settings, VPC endpoint controls.
• Cluster Security: User isolation, compliance with enhanced security monitoring/Compliance Security Profiles (HIPAA, PCI-DSS, FedRAMP).
• Offensive Security: Test and challenge the effectiveness of the organization’s security defenses by mimicking the tactics, techniques, and procedures used by actual attackers.
• Specialized Security Functions: - Non-human Identity Management: Design and implement secure authentication and authorization for automated systems (service accounts, API keys, machine identities), focusing on automation and integration with existing identity management systems.
• IAM Best Practices: Develop and document comprehensive Identity and Access Management policies, including user provisioning, de-provisioning, access reviews, privileged access management, and multi-factor authentication, ensuring security and compliance.
• Data Loss Prevention (DLP): Implement DLP solutions to identify, monitor, and protect sensitive data across endpoints, networks, and cloud environments, preventing unauthorized access, use, or transmission.
• SaaS Proxy Design and Implementation: Design and implement cloud-based proxies for SaaS applications (SASE solutions) to provide secure access, enforce security policies, monitor user activity, and protect against threats.
• Cloud Infrastructure Best Practices: Establish and document best practices for VPC configurations, cloud networking, and infrastructure as code using Terraform, ensuring secure network segmentation, routing, firewalls, and VPNs for consistent, automated, and secure deployments.
• Least Privilege Access for Data Security: Design and implement data security controls based on the principle of least privilege, ensuring users and systems have only the minimum necessary access through fine-grained controls, data classification, and regular access reviews.
• Guide internal IT on Databricks’ security and compliance certifications (SOC 2, ISO 27001/27017/27018, HIPAA, PCI-DSS, FedRAMP), and support security reviews/audits.
• Support incident response, vulnerability management, threat modeling, and red teaming using audit logs, cluster policies, and enhanced monitoring.
• Stay current on industry trends and emerging threats in GenAI, AI Agentic flow, MCPs to enhance security posture.
• Advise executive leadership on security architecture, risks, and mitigation.
• Mentor security engineers and developers on secure design and best practices.

What we look for:

• Bachelor’s degree in Computer Science, Information Security, Engineering, or a related field
• Master’s degree in Computer Science specifically in Information Security or a related discipline is strongly preferred
• Minimum 12 years in cybersecurity, with 5+ in security architecture or senior technical roles.
• Experience in FedRAMP High systems/ GovCloud preferred.
• Must have direct experience designing and securing enterprise platforms in complex multi-cloud environments, deep knowledge of enterprise architecture and security features (control plane/data plane separation, network infra, workspace hardening, network segmentation/ isolation), and hands-on experience automating security controls with Terraform and scripting.
• Proven expertise securing data analytics pipelines, SaaS integrations, and workload isolation in enterprise ecosystems.
• Experience with Enterprise Security Analysis Tools and monitoring/security policy optimization.
• Deep experience in threat modeling, design, PoC, and implementing large-scale enterprise solutions.
• Extensive hands-on experience in AWS cloud security, network security, with knowledge of Zero Trust, Data Protection, and Appsec.
• Strong understanding of enterprise IAM systems (Okta, SailPoint, VDI, Entra ID) and Data Protection.
• Expert experience with SIEM platforms, XDR, and cloud-native threat detection tools.
• Expert in web application security, OWASP, API security, and secure design and testing.
• Hands-on experience with security automation is required, with proficiency in AI-assisted development, Python, Cursor, Lambda, Terraform, or comparable scripting/IaC tools for operational efficiency.
• Industry certifications like CISSP, CCSP, CEH, AWS Certified Security – Specialty, AWS Certified Solutions Architect – Professional, or AWS Certified Advanced Networking – Specialty (or equivalent) are preferred.
• Ability to influence stakeholders and drive alignment.
• Strategic thinker with a passion for security innovation, continuous improvement, and building scalable defenses.

Pay Range Transparency

Databricks is committed to fair and equitable compensation practices. The pay range(s) for this role is listed below and represents the expected salary range for non-commissionable roles or on-target earnings for commissionable roles. Actual compensation packages are based on several factors that are unique to each candidate, including but not limited to job-related skills, depth of experience, relevant certifications and training, and specific work location. Based on the factors above, Databricks anticipates utilizing the full width of the range. The total compensation package for this position may also include eligibility for annual performance bonus, equity, and the benefits listed above.

XML job scraping automation by YubHub

Security at Anthropic is not a compliance exercise. It is a core part of how we stay safe as we build increasingly capable systems. Our Responsible Scaling Policy commits us to launching structured security R&D projects: ambitious, time-boxed experiments designed to resolve high-uncertainty questions about our long-term security posture.

Each project runs for roughly 6 months with defined exit criteria. Some will succeed and move toward production. Others will fail, and we'll treat that as useful signals. The questions these projects are designed to answer include:

• Can our core research workflows survive extreme isolation?
• Can we get cryptographic guarantees where we currently rely on trust?
• Can AI become our most effective security control?

As a Security Labs Engineer, you own one or more projects end-to-end: scoping the experiment, building the infrastructure, coordinating across teams, running the pilot, documenting results, and where the experiment succeeds, helping scale it into production. This is 0-to-1 and 1-to-10 work.

Current Project Areas

The portfolio evolves based on what we learn. Current areas include:

• Designing and operating a mock high-assurance research environment: simulating what our infrastructure would look like under extreme isolation and physical security controls, with real measurement of productivity impact
• Exploring cryptographic verification of model integrity using techniques like zero-knowledge proofs to provide mathematical guarantees about what is running in production
• Assessing the feasibility of confidential computing across the full model lifecycle (note: this is an open question, not a committed roadmap item)
• Piloting AI-assisted security tooling including vulnerability discovery, automated patching, anomaly detection, and adaptive behavioral monitoring
• Prototyping API-only access regimes where even internal research workflows never touch raw model weights

Part of your job is helping shape what comes next based on gaps uncovered in the current round.

Responsibilities

• Own the end-to-end execution of a Security Labs project: refine the hypothesis, design the experiment, build the prototype, run the pilot, and write up the results
• Build novel security infrastructure under real time pressure: isolated clusters, hardened access controls, cryptographic verification layers, with a bias toward learning fast
• Where experiments succeed, drive them toward production scale. An experiment that works on one cluster but not a hundred is not a finished result.
• Work embedded with research teams (Pretraining, RL, Inference) to stress-test whether their core workflows can function under extreme security controls, and document precisely where they break
• Evaluate and integrate emerging security technologies through coordination with external vendors and research groups
• Turn experimental results into clear, decision-ready writeups that inform Anthropic's long-term security architecture and RSP commitments
• Maintain a pain-point registry and feasibility assessment for each project, feeding directly into the design of production high-assurance environments
• Help scope and prioritize the next wave of Labs projects based on what the current round uncovers

Requirements

• 7+ years of software or security engineering experience, with a solid foundation in production systems
• Some of that time spent on pilots, prototypes, or applied research work where shipping a working answer to a hard question was the explicit goal
• Strong programming skills in Python and at least one systems language (Go, Rust, or C/C++)
• Hands-on experience with cloud infrastructure (AWS, GCP, or Azure), Kubernetes, and networking fundamentals sufficient to stand up and tear down isolated environments quickly
• A track record of cross-functional execution: you can walk into a room with ML researchers, infrastructure engineers, and vendors and leave with a shared plan
• Clear written communication: you know how to turn six weeks of experimentation into a two-page memo someone can act on
• Comfort with ambiguity and iteration, having run experiments that failed, extracted the lesson, and moved forward
• Genuine curiosity about what it would actually take to defend against a nation-state-level adversary
• Passion for AI safety and a real understanding of the role security plays in making frontier AI development go well
• Bachelor's degree in Computer Science, a related field, or equivalent industry experience required.

Nice to Have

• Prior experience in offensive security, red teaming, or security research, having thought adversarially about systems and knowing which threats actually matter
• Familiarity with airgapped or high-side environments (classified networks, ICS/SCADA, financial trading infrastructure, or similar) and the operational realities of working inside them
• Knowledge of applied cryptography: zero-knowledge proofs, attestation protocols, secure enclaves, TPMs, or confidential computing primitives
• Experience with ML infrastructure (training pipelines, inference serving, model packaging) sufficient for grounded conversations with researchers about what their workflows actually need
• Background building or operating security systems in environments that demand rapid iteration rather than rigid change control
• Prior work at a startup, on an innovation team, or in an applied research group where shipping a working v0 to answer a real question was explicitly the goal

XML job scraping automation by YubHub

In the last year, we've seen compelling signs that LLMs and agents are increasingly capable of novel cyber capabilities. We think 2026 will be the year where models reach expert-level, even superhuman, in several cybersecurity domains. This is a novel and massive threat surface.

As a Research Scientist on FRT focusing on cyber, you'll build the tools and frameworks needed to defend the world against advanced AI-enabled cyber threats. Senior candidates will have the opportunity to shape and grow Anthropic's cyberdefense research program, working with Security, Safeguards, Policy, and other partner teams.

This work sits at the intersection of AI capabilities research, cybersecurity, and policy,what we learn directly shapes how Anthropic and the world prepare for AI-enabled cyber threats. This is applied research with real-world stakes. Your work will inform decisions at the highest levels of the company, contribute to demonstrations that shape policy discourse, and build the technical defenses that we will need for a future of increasingly powerful AI systems.

Responsibilities

• Develop systems, tools, and frameworks for AI-empowered cybersecurity, such as autonomous vulnerability discovery and remediation, malware detection and management, network hardening, and pentesting
• Design and run experiments to elicit and evaluate autonomous AI cyber capabilities in realistic scenarios
• Design and build infrastructure for evaluating and enabling AI systems to operate in security environments
• Translate technical findings into compelling demonstrations and artifacts that inform policymakers and the public
• Collaborate with external experts in cybersecurity, national security, and AI safety to scope and validate research directions

Sample Projects

• Building frameworks and tools that enable AI models to autonomously find and patch vulnerabilities
• Running purple-team simulations where AI defenders compete against AI attackers in network environments
• Pointing autonomous AI systems at real-world security challenges (bug bounties, CTFs etc.) to characterize risks, defensive potential, and compare to human experts
• Building demonstrations of frontier AI cyber capabilities for policy stakeholders

You May Be a Good Fit If You

• Have deep expertise in cybersecurity or security research
• Are driven to find solutions to complex, high-stakes problems
• Have experience doing technical research with LLM-based agents or autonomous systems
• Have strong software engineering skills, particularly in Python
• Can own entire problems end-to-end, including both technical and non-technical components
• Design and run experiments quickly, iterating fast toward useful results
• Thrive in collaborative environments
• Care deeply about AI safety and want your work to have real-world impact on how humanity navigates advanced AI
• Are comfortable working on sensitive projects that require discretion and integrity
• Have proven ability to lead cross-functional security initiatives and navigate complex organizational dynamics

Strong Candidates May Also Have

• Experience with offensive security research, vulnerability research, or exploit development
• Research or professional experience applying LLMs to security problems
• Track record in competitive CTFs, bug bounties, or other security-related competitions
• Experience building security tools or automation
• Track record of building demos or prototypes that communicate complex technical ideas
• Experience working with external stakeholders (policymakers, government, researchers)
• Familiarity with AI safety research and threat modeling for advanced AI systems

Logistics

Minimum education: Bachelor’s degree or an equivalent combination of education, training, and/or experience Required field of study: A field relevant to the role as demonstrated through coursework, training, or professional experience Minimum years of experience: Years of experience required will correlate with the internal job level requirements for the position Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices. Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this.

How we're different

We believe that the highest-impact AI research will be big science. At Anthropic we work as a single cohesive team on just a few large-scale research efforts. And we value impact , advancing our long-term goals of steerable, trustworthy AI , rather than work on smaller and more specific puzzles. We view AI research as an empirical science, which has as much in common with physics and biology as with traditional efforts in computer science. We're an extremely collaborative group, and we host frequent research discussions and workshops.

XML job scraping automation by YubHub

Our team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems.

We are hiring security specialists who are experienced at exploitation and remediation, and are interested in understanding how LLMs could cause harm in the future, so that we can better prepare for this future and mitigate these risks before they arise.

Responsibilities:

• Triage any vulnerabilities discovered, coordinate and assist the external and open-source community in remediation
• Write scaffolds designed to automate typical traditional attack techniques to help clarify our defensive problem selection
• Research how adversaries might misuse LLMs to identify and exploit vulnerabilities at scale in the future
• Develop promising defensive strategies that could mitigate the ability of adversaries to misuse models in harmful ways
• Work with a small, senior team of engineers and researchers to enact a forward-looking security plan

You may be a good fit if you have:

• 3+ years experience with pentesting, vulnerability research, or other offensive security experience
• Senior-level knowledge in at least one related topic area (reverse engineering, network security, exploitation, physical security)
• A history demonstrating desire to do the 'dirty work' that results in high-quality outputs
• Software engineering experience
• Demonstrated success in bringing clarity and ownership to ambiguous technical problems
• Proven ability to lead cross-functional security initiatives and navigate complex organisational dynamics

Strong candidates may also have:

• Published research papers on computer security, language modeling, or related topics; or given talks at Defcon, Blackhat, CCC, or related venues
• Familiarity with large language models and how they work; for example, you may have written agent scaffolds
• Reported CVEs, or been awarded for bug bounty vulnerabilities
• Contributed to open-source projects in LLM- or security-adjacent repositories

The annual compensation range for this role is $320,000-$405,000 USD.

XML job scraping automation by YubHub

The Anthropic Fellows Program is a 4-month, full-time research opportunity for individuals to work on empirical AI research and engineering projects. As an AI Security Fellow, you will be part of a team that focuses on reducing catastrophic risks from advanced AI systems.

Responsibilities

• Conduct empirical AI research and engineering projects aligned with Anthropic's research priorities
• Collaborate with mentors and peers to achieve project goals
• Present research findings and results to the team and wider community

Requirements

• Fluency in Python programming
• Strong technical background in computer science, mathematics, or physics
• Ability to implement ideas quickly and communicate clearly

Nice to Have

• Experience with pentesting, vulnerability research, or other offensive security work
• Experience with empirical ML research projects
• Experience with deep learning frameworks and experiment management

Logistics

• To participate in the Fellows program, you must have work authorization in the UK and be located in the UK during the program
• Workspace locations: London and Berkeley
• Visa sponsorship: Not currently available

Application Process

Applications and interviews are managed by Constellation, our official recruiting partner for this program. Clicking 'Apply here' will redirect you to Constellation's application portal.

XML job scraping automation by YubHub

About the Role: The Application Security team at Anthropic is at the forefront of building security into every phase of the software development lifecycle. As an Application Security Engineer, you will partner closely with software engineers and researchers to ensure that security is a core consideration from initial design through implementation. You will lead threat modeling and secure design reviews to proactively identify and mitigate risks early, and help with continuous risk assessment. You will build tools and systems to support developers shipping code securely, adhering to secure coding best practices.

Responsibilities:

• Help secure AI products and internal tools that are introducing industry-novel security risks and pushing established security boundaries
• Lead “shift left” security efforts to build security into the software development lifecycle
• Conduct secure design reviews and threat modeling. Identify and prioritize risks, attack surfaces, and vulnerabilities
• Develop tooling to scale security code reviews and respond to developer questions, including advising developers on remediating vulnerabilities and following secure coding practices
• Manage Anthropic's vulnerability management program, including integrating data ingestion pipelines, coding logic to prioritize vulnerability fixes, supporting teams remediating vulnerabilities and developing automated systems at scale
• Oversee Anthropic's bug bounty program. Set scope, validate submissions, perform root cause analysis, coordinate remediation with engineering teams, and award bounties. Cultivate relationships with the ethical hacker community
• Collaborate closely with product engineers and researchers to instill security best practices. Advocate for secure architecture, design, and development
• Develop and document security policies, standards, and playbooks. Conduct security awareness training for engineers

Requirements:

• 5+ years of hands-on experience in application and infrastructure security, including securing cloud-based and containerized environments
• Strong proficiency in at least one programming language (e.g., Python, Rust, Go, Java)
• Lead with empathy, a collaborative spirit, and a learning mindset to work cross-functionally with engineers of all levels to build security into the software development life cycle
• Leverage creative and strategic thinking to reduce risk through secure design and simplicity, not just controls
• Possess broad security knowledge to connect the dots across domains and identify holistic ways to decrease the overall threat surface
• Are keen to distill complex security concepts into clear actions and drive consensus without direct authority
• Embody a proactive mindset to thread security throughout the product lifecycle through activities like threat modeling, secure code review, and education
• Have a strong grasp of offensive security to anticipate risks from an adversary's perspective, not just check compliance boxes
• Bring experience with modern application stacks, infrastructure, and security tools to implement pragmatic defenses
• Are practiced at collaborating cross-functionally and effectively balancing security requirements with business objectives
• Advocate for security fundamentals like least privilege, defense-in-depth, and eliminating complexity that could sub-linearly scale security through smart design

Preferred Qualifications:

• Hands-on technical expertise securing complex cloud environments and microservices architectures leveraging technologies like Kubernetes, Docker, and AWS / GCP
• Exposure to offensive security techniques like vulnerability testing, bug bounty, pen testing, and red team exercises
• Familiarity with AI/ML security risks such as prompt injection, data poisoning, model extraction, etc. and mitigations
• Experience building security tools, applications, and automated tools
• Solid foundational knowledge of both software and security engineering principles and are keen to continue learning
• Excellent communication skills, able to distill complex security topics for broad audiences
• Worked and thrived in fast-paced environments, and comfortable navigating ambiguity

Annual Compensation Range:

$300,000-$405,000 USD

Logistics:

• Minimum education: Bachelor’s degree or an equivalent combination of education, training, and/or experience
• Required field of study: A field relevant to the role as demonstrated through coursework, training, or professional experience
• Minimum years of experience: Years of experience required will correlate with the internal job level requirements for the position
• Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices.
• Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this.

How to Apply:

If you're interested in this role, please submit your application through our website. We look forward to reviewing your application!

Note:

Your safety matters to us. To protect yourself from potential scams, remember that Anthropic recruiters only contact you from @anthropic.com email addresses. In some cases, we may partner with vetted recruiting agencies who will identify themselves as working on behalf of Anthropic. Be cautious of emails from other domains. Legitimate Anthropic recruiters will never ask for money, fees, or banking information before your first day. If you're ever unsure about a communication, don't click any links,visit anthropic.com/careers directly for confirmed position openings.

XML job scraping automation by YubHub

As a Security Researcher, you'll play a pivotal role in safeguarding these innovations by anticipating, identifying, and mitigating risks before they materialize. This isn't just about finding vulnerabilities; it's about shaping the future of secure AI by embedding an attacker's mindset into everything we build.

You'll work at the intersection of offensive security, AI safety, and product development, collaborating with cross-functional teams to harden our systems against evolving threats. Your expertise will directly influence how we design, deploy, and protect our most critical assets , ensuring our agents remain resilient, trustworthy, and ahead of adversaries.

Key responsibilities include:

• Proactively hunting for vulnerabilities in the interactions between our agentic applications, cloud infrastructure, and foundational models, with a focus on realistic, high-impact attack vectors.

• Designing and executing red and purple team exercises, simulating sophisticated adversarial scenarios to stress-test our defenses and refine our detection capabilities.

• Partnering with defensive teams to translate offensive insights into actionable improvements, from detection engineering to incident response.

• Conducting in-depth penetration testing across our product suite, including AI-driven workflows, custom infrastructure, and user-facing interfaces.

• Building and automating offensive tooling to scale your impact, leveraging cutting-edge techniques to stay ahead of emerging threats.

• Communicating findings with clarity and conviction, ensuring technical and non-technical stakeholders understand risks and prioritize mitigations effectively.

• Shaping Mistral AI's security strategy by contributing attacker-informed perspectives to threat modeling, risk assessment, and architectural decisions.

We're looking for someone with 7+ years of offensive security experience, deep knowledge of AI/ML security risks, and hands-on experience assessing modern technology stacks. A builder's mindset, strong intuition for trust boundaries, and outstanding communication skills are also essential.

XML job scraping automation by YubHub

Mistral AI is a technology company that develops and provides AI-powered solutions and platforms for enterprise use. Our technology is designed to integrate seamlessly into daily working life.

Role Summary

As a CyberSecurity Team Lead, you will be responsible for architecting and enforcing the security posture of our entire technical stack, from on-premise foundations to cloud-native deployments. You will oversee the identification, prioritization, and remediation of vulnerabilities across both On-Prem and Cloud infrastructures as well as internal applications.

Responsibilities

• Oversee the identification, prioritization, and remediation of vulnerabilities across both On-Prem and Cloud infrastructures as well as internal applications.
• Select, deploy, and maintain the tools needed for visibility and protection, including CNAPP, CSPM, SAST/DAST, secret scanning, and SBOM/CVE tracking.
• Integrate security controls and automated gates directly into CI/CD pipelines to catch vulnerabilities before deployment (Shift Left).
• Partner with engineering teams to interpret findings and 'ease the fix,' providing patches, code snippets, or architectural advice to resolve issues quickly.
• Define and maintain rigorous security guidelines and best practices for developers and system administrators.
• Design and lead security awareness programs and technical training tailored for developers and admins to reduce human risk.
• Track and define key security metrics (MTTR, coverage, vulnerability density) to visualize posture and progress to leadership.

Requirements

• 6+ years of experience in Information Security, with a specific focus on Application Security, Cloud Security, or DevSecOps.
• Strong scripting skills (Python, Go, or Bash) to automate security tasks and integrate tools.
• Deep understanding of CI/CD ecosystems and container orchestration (Kubernetes/Docker).
• Hands-on experience with modern security tooling (e.g., Wiz, Snyk, SonarQube, Prisma, or similar enterprise tools).
• Collaborative mindset: you view developers as partners, not adversaries, and focus on enabling them to code securely.
• Clear communication, autonomous, and capable of translating technical security risks into actionable engineering tasks.

Benefits

• Competitive salary
• Comprehensive health insurance
• Flexible working hours
• Professional development opportunities

Note: The company may offer additional benefits not listed here.

XML job scraping automation by YubHub

We're a team of scientists, engineers, and machine learning experts working together to advance the state of the art in artificial intelligence. Our mission is to close the 'Agentic Launch Gap'; the critical window where novel AI capabilities outpace traditional security reviews.

As the Security Lead for the Agentic Red Team, you will direct a specialized unit of AI Researchers and Offensive Security Engineers focused on adversarial AI and agentic exploitation. Operating as a technical player-coach, you will architect complex, multi-turn attack scenarios while managing cross-functional partnerships with Product Area leads and Google security to influence launch criteria.

Key Responsibilities:

• Direct Agile Offensive Security: Lead a specialized red team focused on rapid, high-impact engagements targeting production-level AI models and systems.
• Perform Complex AI Exploitation: Develop and carry out advanced attack sequences that focus on vulnerabilities unique to GenAI, such as escalating privileges through tool usage, poisoning data, and executing multi-turn prompt injections.
• Design Automated Validation Systems: Collaborate with Google teams to engineer 'Auto RedTeaming' solutions that transform manual vulnerability discoveries into robust, automated regression testing frameworks.
• Engineer Technical Countermeasures: Create innovative defense-in-depth frameworks and control systems to mitigate agentic logic errors and non-deterministic model behaviors.
• Manage Threat Intelligence Assets: Develop and oversee an evolving inventory of exploit primitives and agent-specific attack patterns used to establish release criteria and evaluate model security benchmarks.
• Establish Security Scope: Collaborate with Google for conventional infrastructure protection, allowing the team to concentrate solely on agentic logic, model inference, and AI-centric exploits.

About You:

• Bachelor's degree in Computer Science, Information Security, or equivalent practical experience.
• Experience in Red Teaming, Offensive Security, or Adversarial Machine Learning.
• Deep technical understanding of LLM architectures and agentic workflows (e.g., chain-of-thought reasoning, tool usage).
• Proven ability to work in a consulting capacity with product teams, driving security improvements in fast-paced release cycles.
• Experience managing or technically leading small, high-performance engineering teams.

In addition, the following would be an advantage:

• Hands-on experience developing exploits for GenAI models (e.g., prompt injection, adversarial examples, training data extraction).
• Familiarity with AI safety benchmarks and evaluation frameworks.
• Experience writing code (Python, Go, or C++) to build automated security tools or fuzzers.
• Ability to communicate complex probabilistic risks to executive stakeholders and engineering teams effectively.

The US base salary range for this full-time position is between $248,000 - $349,000 + bonus + equity + benefits.

XML job scraping automation by YubHub

We're a team of scientists, engineers, machine learning experts, and more, working together to advance the state of the art in artificial intelligence.

About Us The Agentic Red Team is a specialized, high-velocity unit within Google DeepMind Security. Our mission is to close the 'Agentic Launch Gap',the critical window where novel AI capabilities outpace traditional security reviews.

The Role As a Senior Security Engineer on the Agentic Red Team, you will be the primary technical executor of our adversarial engagements. You will work 'in the room' with product builders, identifying architectural flaws during the design phase long before formal reviews begin.

Key Responsibilities:

• Execute Agile Red Teaming: Conduct rapid, high-impact security assessments on agentic services, focusing on vulnerabilities unique to GenAI such as prompt injection, tool-use escalation, and autonomous lateral movement.
• Develop Advanced Exploits: Engineer and execute complex attack sequences that exploit non-deterministic model behaviors, agentic logic errors, and data poisoning vectors.
• Build Automated Defenses: Write code to transform manual vulnerability discoveries into automated regression testing frameworks ('Auto Red Teaming') that prevent regression in future model versions.
• Embed with Product Teams: Partner directly with developers during the design and build phases to provide immediate feedback, effectively shortening the feedback loop between offensive findings and defensive engineering.
• Curate Threat Intelligence: Maintain and expand a library of agent-specific attack patterns and exploit primitives to establish robust release criteria for new models.

About You In order to set you up for success as a Software Engineer at Google DeepMind, we look for the following skills and experience:

• Bachelor's degree in Computer Science, Information Security, or equivalent practical experience.
• Experience in Red Teaming, Offensive Security, or Adversarial Machine Learning.
• Strong coding skills in Python, Go, or C++ with experience building security tools or automation.
• Technical understanding of LLM architectures, agentic workflows (e.g., chain-of-thought reasoning), and common AI vulnerability classes.

Preferred Qualifications

• Hands-on experience developing exploits for GenAI models (e.g., prompt injection, adversarial examples, training data extraction).
• Experience working in a consulting capacity with product teams or in a fast-paced 'startup-like' environment.
• Familiarity with AI safety benchmarks, evaluation frameworks, and fuzzing techniques.
• Ability to translate complex probabilistic risks into actionable engineering fixes for developers.

Salary & Benefits The US base salary range for this full-time position is between $166,000 - $244,000 + bonus + equity + benefits.

XML job scraping automation by YubHub

Embedded directly within Mistral's Security Engineering ecosystem, you will architect and enforce the security posture of our entire technical stack, from on-premise foundations to cloud-native deployments.

As a CyberSecurity Team Lead, you will oversee the identification, prioritization, and remediation of vulnerabilities across both On-Prem and Cloud infrastructures as well as internal applications.

You will select, deploy, and maintain the tools needed for visibility and protection, including CNAPP, CSPM, SAST/DAST, secret scanning, and SBOM/CVE tracking.

Integrate security controls and automated gates directly into CI/CD pipelines to catch vulnerabilities before deployment (Shift Left).

Partner with engineering teams to interpret findings and 'ease the fix,' providing patches, code snippets, or architectural advice to resolve issues quickly.

Define and maintain rigorous security guidelines and best practices for developers and system administrators.

Design and lead security awareness programs and technical training tailored for developers and admins to reduce human risk.

Track and define key security metrics (MTTR, coverage, vulnerability density) to visualize posture and progress to leadership.

Who you are

• 6+ years of experience in Information Security, with a specific focus on Application Security, Cloud Security, or DevSecOps.

• Strong scripting skills (Python, Go, or Bash) to automate security tasks and integrate tools.

• Deep understanding of CI/CD ecosystems and container orchestration (Kubernetes/Docker).

• Hands-on experience with modern security tooling (e.g., Wiz, Snyk, SonarQube, Prisma, or similar enterprise tools).

• Collaborative mindset: you view developers as partners, not adversaries, and focus on enabling them to code securely.

• Clear communication, autonomous, and capable of translating technical security risks into actionable engineering tasks.

It would be ideal if you also have:

• Industry certifications such as CISSP, CCSP, OSCP, or cloud-specific security certifications.

• Strong Infrastructure as Code (IaC) experience with Terraform or Ansible.

• Experience in offensive security (Penetration Testing) to better understand attacker mindsets.

• Prior experience securing large-scale AI or Machine Learning infrastructure.

XML job scraping automation by YubHub

As a collaborative problem-solver, you are comfortable working across teams—from executives to engineers—to ensure robust security controls and compliance. You excel at conducting security investigations, analyzing complex events and alerts, and developing actionable metrics. Your familiarity with modern security frameworks, such as MITRE ATT&CK and Cyber Kill Chain, empowers you to identify and mitigate threats proactively. You are detail-oriented, organized, and adept at multitasking, thriving in environments that require prioritization and agility.

You are committed to ongoing learning, staying current with emerging security technologies and frameworks. Your experience spans cloud security (AWS, GCP, Azure), offensive security, and incident response. You enjoy participating in audits and assessments, contributing to a culture of continuous improvement. With strong communication skills and an inclusive mindset, you foster trust and collaboration across diverse teams. If you’re ready to make an impact at the forefront of cybersecurity innovation, Synopsys is the place for you.

Design, deploy, and manage enterprise-grade security solutions including CASB, SSPM, WAF, firewalls, and email protection across global environments. Integrate and implement network security solutions, ensuring seamless operation and compliance with Zero Trust security principles. Enforce CMMC regulations, technical data controls, and export authorization rules, including U.S. person-only access restrictions for controlled systems and datasets. Conduct and support external audits, internal reviews, and compliance assessments related to CMMC and other regulatory frameworks. Research, evaluate, pilot, and implement new security solutions at a global enterprise scale, collaborating with vendors and stakeholders. Investigate security events and alerts from multiple log sources, performing end-to-end security investigations, and reporting actionable findings. Develop and manage the collection, reporting, and analysis of security events and metrics to drive continuous improvement. Participate in incident response processes and supporting light on-call pager duty rotations for critical issues.

Strengthen Synopsys’ global security posture by implementing advanced security controls and best practices. Ensure compliance with CMMC and other regulatory frameworks, enabling secure operations for critical projects. Protect sensitive data, intellectual property, and infrastructure against emerging cyber threats. Drive continuous improvement in security operations through data-driven analysis and proactive risk management. Enhance cross-functional collaboration between engineering, compliance, and executive teams to foster a culture of security awareness. Support innovation by enabling secure cloud implementations and supporting offensive security initiatives.

Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or related field required. 5+ years of hands-on experience with enterprise-grade security solutions (CASB, SSPM, WAF, firewalls, email security). 2+ years of experience installing, integrating, and deploying network security solutions. Solid understanding of Zero Trust security principles and architectures. Deep knowledge of CMMC regulations, technical data controls, and export authorization rules. Experience enforcing U.S. person-only access restrictions for controlled systems and datasets. Experience with external audits, internal reviews, and compliance assessments. Broad experience securing cloud implementations (AWS, GCP, Azure) and offensive security domains. Hands-on experience with Zscaler, Palo Alto Networks, ProofPoint, and other leading security platforms. Relevant certifications (CEH, CISSP, GIAC, OSCP, AWS Certified Advanced Networking, Security+) preferred. US citizenship or Green Card required.

XML job scraping automation by YubHub

The Application Security team at Anthropic is at the forefront of building security into every phase of the software development lifecycle. In this hands-on technical role, you will partner closely with software engineers and researchers to ensure security is a core consideration from initial design through implementation.

You will lead threat modeling and secure design reviews to proactively identify and mitigate risks early, and help with continuous risk assessment. You will build tools and systems to support developers shipping code securely, adhering to secure coding best practices.

Your insights will shape our tooling, detection capabilities, and defenses against emerging threats to AI/ML. You'll develop the standards, processes, and educational resources that enable all Anthropic engineers to be security champions.

Responsibilities:

• Help secure AI products and internal tools that are introducing industry-novel security risks and pushing established security boundaries
• Lead “shift left” security efforts to build security into the software development lifecycle
• Conduct secure design reviews and threat modeling. Identify and prioritise risks, attack surfaces, and vulnerabilities
• Develop tooling to scale security code reviews and respond to developer questions, including advising developers on remediating vulnerabilities and following secure coding practices
• Manage Anthropic's vulnerability management program, including integrating data ingestion pipelines, coding logic to prioritise vulnerability fixes, supporting teams remediating vulnerabilities and developing automated systems at scale
• Oversee Anthropic's bug bounty program. Set scope, validate submissions, perform root cause analysis, coordinate remediation with engineering teams, and award bounties. Cultivate relationships with the ethical hacker community
• Collaborate closely with product engineers and researchers to instill security best practices. Advocate for secure architecture, design, and development
• Develop and document security policies, standards, and playbooks. Conduct security awareness training for engineers

You may be a good fit if you:

• Have 5+ years of hands-on experience in application and infrastructure security, including securing cloud-based and containerized environments
• Strong proficiency in at least one programming language (e.g., Python, Rust, Go, Java)
• Lead with empathy, a collaborative spirit, and a learning mindset to work cross-functionally with engineers of all levels to build security into the software development life cycle
• Leverage creative and strategic thinking to reduce risk through secure design and simplicity, not just controls
• Possess broad security knowledge to connect the dots across domains and identify holistic ways to decrease the overall threat surface
• Are keen to distill complex security concepts into clear actions and drive consensus without direct authority
• Embody a proactive mindset to thread security throughout the product lifecycle through activities like threat modeling, secure code review, and education
• Have a strong grasp of offensive security to anticipate risks from an adversary's perspective, not just check compliance boxes
• Bring experience with modern application stacks, infrastructure, and security tools to implement pragmatic defenses
• Are practiced at collaborating cross-functionally and effectively balancing security requirements with business objectives
• Advocate for security fundamentals like least privilege, defence-in-depth, and eliminating complexity that could sub-linearly scale security through smart design

Strong candidates may also:

• Hands-on technical expertise securing complex cloud environments and microservices architectures leveraging technologies like Kubernetes, Docker, and AWS / GCP
• Exposure to offensive security techniques like vulnerability testing, bug bounty, pen testing, and red team exercises
• Familiarity with AI/ML security risks such as prompt injection, data poisoning, model extraction, etc. and mitigations
• Experience building security tools, applications, and automated tools
• Solid foundational knowledge of both software and security engineering principles and are keen to continue learning
• Excellent communication skills, able to distill complex security topics for broad audiences
• Worked and thrived in fast-paced environments, and comfortable navigating ambiguity

The annual compensation range for this role is $300,000 - $405,000 USD.

XML job scraping automation by YubHub

Anthropic's mission is to create reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our users and for society as a whole. Our team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems.

AI Security at Anthropic

We believe we are at an inflection point for AI's impact on cybersecurity. Models are now useful for cybersecurity tasks in practice: for example, Claude can now outperform human teams in some cybersecurity competitions and help us discover vulnerabilities in our own code.

We are looking for researchers and engineers to help us accelerate defensive use of AI to secure code and infrastructure.

Anthropic Fellows Program Overview

The Anthropic Fellows Program is designed to accelerate AI security and safety research, and foster research talent. We provide funding and mentorship to promising technical talent - regardless of previous experience - to research the frontier of AI security and safety for four months.

Fellows will primarily use external infrastructure (e.g. open-source models, public APIs) to work on an empirical project aligned with our research priorities, with the goal of producing a public output (e.g. a paper submission). In our previous cohorts, over 80% of fellows produced papers (more below).

We run multiple cohorts of Fellows each year. This application is for cohorts starting in July 2026 and beyond.

What to Expect

• Direct mentorship from Anthropic researchers
• Access to a shared workspace (in either Berkeley, California or London, UK)
• Connection to the broader AI safety research community
• Weekly stipend of 3,850 USD / 2,310 GBP / 4,300 CAD & access to benefits (benefits vary by country)
• Funding for compute (~$15k/month) and other research expenses

Mentors, Research Areas, & Past Projects

Fellows will undergo a project selection & mentor matching process. Potential mentors include:

• Nicholas Carlini
• Keri Warr
• Evyatar Ben Asher
• Keane Lucas
• Newton Cheng

On our Alignment Science and Frontier Red Team blogs, you can read about some past Fellows projects, including:

• AI agents find $4.6M in blockchain smart contract exploits: Winnie Xiao and Cole Killian, mentored by Nicholas Carlini and Alwin Peng
• Strengthening Red Teams: A Modular Scaffold for Control Evaluations: Chloe Loughridge et al., mentored by Jon Kutasov and Joe Benton

You may be a good fit if you

• Are motivated by reducing catastrophic risks from advanced AI systems
• Are excited to transition into full-time empirical AI safety research and would be interested in a full-time role at Anthropic

Please note:

We do not guarantee that we will make any full-time offers to fellows. However, strong performance during the program may indicate that a Fellow would be a good fit here at Anthropic. In previous cohorts, over 40% of fellows received a full-time offer, and we’ve supported many more to go on to do great work on safety at other organisations.

Strong candidates may also have:

• Contributed to open-source projects in LLM- or security-adjacent repositories
• Demonstrated success in bringing clarity and ownership to ambiguous technical problems
• Experience with pentesting, vulnerability research, or other offensive security
• A history demonstrating desire to do the 'dirty work' that results in high-quality outputs
• Reported CVEs, or been awarded for bug bounty vulnerabilities
• Experience with empirical ML research projects
• Experience with deep learning frameworks and experiment management

Candidates must be:

• Fluent in Python programming
• Available to work full-time on the Fellows program for 4 months

We encourage you to apply even if you do not believe you meet every single qualification.

Not all strong candidates will meet every single qualification as listed. Research shows that people who identify as being from underrepresented groups are more prone to experiencing imposter syndrome and doubting the strength of their candidacy, so we urge you not to exclude yourself prematurely and to submit an application if you're interested in this work.

Interview process

The interview process will include an initial application & references check, technical assessments & interviews, and a research discussion.

Compensation

The expected base stipend for this role is 3,850 USD / 2,310 GBP / 4,300 CAD per week, with an expectation of 40 hours per week, for 4 months (with possible extension).

Logistics

Logistics Requirements: To participate in the Fellows program, you must have work authorization in the US, UK, or Canada and be located in that country during the program.

Workspace Locations: We have designated shared workspaces in London and Berkeley where fellows will work from and mentors will visit. We are also open to remote fellows in the UK, US, or Canada. We will ask you about your availability to work from Berkeley or London (full- or part-time) during the program.

Visa Sponsorship: We are not currently able to sponsor visas for fellows. To participate in the Fellows program, you must have work authorization in the US, UK, or Canada and be located in that country during the program.

XML job scraping automation by YubHub

Anthropic's mission is to create reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our users and for society as a whole. Our team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems.

About the Team

The Frontier Red Team (FRT) is a small, focused technical research team within Anthropic's Policy organization. Our goal is to make the entire world safer in an era of advanced AI by understanding what these systems can do and building the defenses that matter.

In 2026, we're focused on researching and ensuring safety with self-improving, highly autonomous AI systems, especially ones related to cyberphysical capabilities. See our previous related work on exploits, partnering with Mozilla, and zero days. This is early-stage, high-conviction research with the potential for outsized impact.

About the Role

In the last year, we've seen compelling signs that LLMs and agents are increasingly capable of novel cyber capabilities. We think 2026 will be the year where models reach expert-level, even superhuman, in several cybersecurity domains. This is a novel and massive threat surface.

As a Research Scientist on FRT focusing on cyber, you'll build the tools and frameworks needed to defend the world against advanced AI-enabled cyber threats. Senior candidates will have the opportunity to shape and grow Anthropic's cyberdefense research program, working with Security, Safeguards, Policy, and other partner teams. This work sits at the intersection of AI capabilities research, cybersecurity, and policy—what we learn directly shapes how Anthropic and the world prepare for AI-enabled cyber threats.

This is applied research with real-world stakes. Your work will inform decisions at the highest levels of the company, contribute to demonstrations that shape policy discourse, and build the technical defenses that we will need for a future of increasingly powerful AI systems.

What You'll Do

• Develop systems, tools, and frameworks for AI-empowered cybersecurity, such as autonomous vulnerability discovery and remediation, malware detection and management, network hardening, and pentesting

• Design and run experiments to elicit and evaluate autonomous AI cyber capabilities in realistic scenarios

• Design and build infrastructure for evaluating and enabling AI systems to operate in security environments

• Translate technical findings into compelling demonstrations and artifacts that inform policymakers and the public

• Collaborate with external experts in cybersecurity, national security, and AI safety to scope and validate research directions

Sample Projects

• Building frameworks and tools that enable AI models to autonomously find and patch vulnerabilities

• Running purple-team simulations where AI defenders compete against AI attackers in network environments

• Pointing autonomous AI systems at real-world security challenges (bug bounties, CTFs etc.) to characterize risks, defensive potential, and compare to human experts

• Building demonstrations of frontier AI cyber capabilities for policy stakeholders

You May Be a Good Fit If You

• Have deep expertise in cybersecurity or security research

• Are driven to find solutions to complex, high-stakes problems

• Have experience doing technical research with LLM-based agents or autonomous systems

• Have strong software engineering skills, particularly in Python

• Can own entire problems end-to-end, including both technical and non-technical components

• Design and run experiments quickly, iterating fast toward useful results

• Thrive in collaborative environments

• Care deeply about AI safety and want your work to have real-world impact on how humanity navigates advanced AI

• Are comfortable working on sensitive projects that require discretion and integrity

• Have proven ability to lead cross-functional security initiatives and navigate complex organizational dynamics

Strong Candidates May Also Have

• Experience with offensive security research, vulnerability research, or exploit development

• Research or professional experience applying LLMs to security problems

• Track record in competitive CTFs, bug bounties, or other security-related competitions

• Experience building security tools or automation

• Track record of building demos or prototypes that communicate complex technical ideas

• Experience working with external stakeholders (policymakers, government, researchers)

• Familiarity with AI safety research and threat modeling for advanced AI systems

Logistics

Education requirements: We require at least a Bachelor's degree in a related field or equivalent experience. Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices.

Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this.

We encourage you to apply even if you do not believe you meet every single qualification. Not all strong candidates will

XML job scraping automation by YubHub

Anthropic's mission is to create reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our users and for society as a whole. Our team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems.

About the Role

We are looking for vulnerability researchers to help mitigate the risks that come with building AI systems. One of these risks is the potential for LLMs to enable adversaries to cause harm by automating the attacks that today are carried out by human cybercrime groups, but in the future may be easily carried out by humans misusing LLMs. We are hiring security specialists who are experienced at exploitation and remediation, and are interested in understanding how LLMs could cause harm in the future, so that we can better prepare for this future and mitigate these risks before they arise.

Responsibilities:

• Triage any vulnerabilities discovered, coordinate and assist the external and open-source community in remediation
• Write scaffolds designed to automate typical traditional attack techniques to help clarify our defensive problem selection
• Research how adversaries might misuse LLMs to identify and exploit vulnerabilities at scale in the future
• Develop promising defensive strategies that could mitigate the ability of adversaries to misuse models in harmful ways
• Work with a small, senior team of engineers and researchers to enact a forward-looking security plan

You may be a good fit if you have:

• 3+ years experience with pentesting, vulnerability research, or other offensive security experience
• Senior-level knowledge in at least one related topic area (reverse engineering, network security, exploitation, physical security)
• A history demonstrating desire to do the 'dirty work' that results in high-quality outputs
• Software engineering experience
• Demonstrated success in bringing clarity and ownership to ambiguous technical problems
• Proven ability to lead cross-functional security initiatives and navigate complex organisational dynamics

Strong candidates may also have:

• Published research papers on computer security, language modeling, or related topics; or given talks at Defcon, Blackhat, CCC, or related venues
• Familiarity with large language models and how they work; for example, you may have written agent scaffolds
• Reported CVEs, or been awarded for bug bounty vulnerabilities
• Contributed to open-source projects in LLM- or security-adjacent repositories

Logistics

Education requirements: We require at least a Bachelor's degree in a related field or equivalent experience. Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices.

Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this.

We encourage you to apply even if you do not believe you meet every single qualification. Not all strong candidates will meet every single qualification as listed. Research shows that people who identify as being from underrepresented groups are more prone to experiencing imposter syndrome and doubting the strength of their candidacy, so we urge you not to exclude yourself prematurely and to submit an application if you're interested in this work.

Your safety matters to us. To protect yourself from potential scams, remember that Anthropic recruiters only contact you from @anthropic.com email addresses. In some cases, we may partner with vetted recruiting agencies who will identify themselves as working on behalf of Anthropic. Be cautious of emails from other domains. Legitimate Anthropic recruiters will never ask for money, fees, or banking information before your first day. If you're ever unsure about a communication, don't click any links—visit anthropic.com/careers directly for confirmed position openings.

How we're different

We believe that the highest-impact AI research will be big science. At Anthropic we work as a single cohesive team on just a few large-scale research efforts. And we value impact — advancing our long-term goals of steerable, trustworthy AI — rather than work on smaller and more specific puzzles. We view AI research as an empirical science, which has as much in common with physics and biology as with traditional efforts in computer science. We're an extremely collaborative group, and we host frequent research discussions to ensure that we are pursuing the highest-impact work at any given time. As such, we greatly value communication skills.

The easiest way to understand our research directions is to read our recent research. This research continues many of the directions our team worked on prior to Anthropic, including: GPT-3, Circuit-Based Interpretability, Multimodal Neurons, Scaling Laws, AI & Compute, Concrete Problems in AI Safety, and Learning from Human Preferences.

Come work with us!

Anthropic is a public benefit corporation headquartered in San Francisco.

XML job scraping automation by YubHub

Offensive Security Engineer, Agent Security

Location

San Francisco; New York City; Remote - US; Seattle; Washington, DC

Employment Type

Full time

Department

Security

Compensation

• San Francisco, Seattle, New York$347K – $490K • Offers Equity
• Zone A$312.3K – $490K • Offers Equity
• Zone B$277.6K – $490K • Offers Equity

The base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. If the role is non-exempt, overtime pay will be provided consistent with applicable laws. In addition to the salary range listed above, total compensation also includes generous equity, performance-related bonus(es) for eligible employees, and the following benefits.

• Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts

• Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)

• 401(k) retirement plan with employer match

• Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)

• Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees

• 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)

• Mental health and wellness support

• Employer-paid basic life and disability coverage

• Annual learning and development stipend to fuel your professional growth

• Daily meals in our offices, and meal delivery credits as eligible

• Relocation support for eligible employees

• Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided.

More details about our benefits are available to candidates during the hiring process.

This role is at-will and OpenAI reserves the right to modify base pay and other compensation components at any time based on individual performance, team or company results, or market conditions.

About the Team

Security is at the foundation of OpenAI’s mission to ensure that artificial general intelligence benefits all of humanity. The Security team protects OpenAI’s technology, people, and products. We are technical in what we build but are operational in how we do our work, and are committed to supporting all products and research at OpenAI. Our Security team tenets include: prioritizing for impact, enabling researchers, preparing for future transformative technologies, and engaging a robust security culture.

About the Role

We're seeking an exceptional Principal-level Offensive Security Engineer to challenge and strengthen OpenAI's security posture. This role isn't your typical red team job - it's an opportunity to engage broadly and deeply, craft innovative attack simulations, collaborate closely with defensive teams, and influence strategic security improvements across the organization.

You'll have the chance to not only find vulnerabilities but actively drive their resolution, automate offensive techniques with cutting-edge technologies, and use your unique attacker perspective to shape our security strategy.

This role will be primarily focused on continuously testing our agent powered products like codex and operator. These systems are uniquely valuable targets because they’re rapidly evolving, have access to perform sensitive actions on behalf of users, and have large, diverse attack surfaces. You will play a crucial role in securing our agents by hunting for realistic vulnerabilities that emerge from the interactions between the applications, infrastructure, and models that power them.

In this role you will:

• Continuously hunt for vulnerabilities in the interactions between the applications, infrastructure, and models that power our agentic products.

• Conduct open-scope red and purple team operations, simulating realistic attack scenarios.

• Collaborate proactively with defensive security teams to enhance detection, response, and mitigation capabilities.

• Perform comprehensive penetration testing on our diverse suite of products.

• Leverage advanced automation and OpenAI technologies to optimize your offensive security work.

• Present insightful, actionable findings clearly and compellingly to inspire impactful change.

• Influence security strategy by providing attacker-driven insights into risk and threat modeling.

You might thrive in this role if you have:

• 7+ years of hands-on red team experience or exceptional accomplishments demonstrating equivalent expertise.

• Deep expertise conducting offensive security operations within modern technology companies.

• Experience designing, developing, or testing assessing the security of AI-powered systems.

• Experience working finding, exploiting and mitigating common vulnerabilities in AI systems like prompt injection, leaking sensitive data, confused deputies, and dynamically generated UI components.

• Exceptional skill in code review, identifying novel and subtle vulnerabilities.

• Proven experience performing offensive security assessments in at least one hyperscaler cloud environment (Azure preferred).

• Demonstrated mastery assessing complex technology stacks, including:

• Highly customized Kubernetes clusters

• Container environments

• CI/CD pipelines

• GitHub security

• macOS and Linux operating systems

• Data science tooling and environments

• Python-based web services

• React-based frontend applications
• Strong intuitive understanding of trust boundaries and risk assessment in dynamic contexts.

• Excellent coding skills, capable of writing robust tools and automation for offensive operations.

• Ability to communicate complex technical concepts to both technical and non-technical stakeholders.

Experience Level

Senior

Employment Type

Full-time

Workplace Type

Remote

Category

Engineering

Industry

Technology

Salary Range

$347K – $490K • Offers Equity

Required Skills

• Red team experience
• Offensive security operations
• AI-powered systems security
• Vulnerability assessment
• Penetration testing
• Automation
• Code review
• Cloud security
• Kubernetes
• Container security
• CI/CD pipelines
• GitHub security
• macOS and Linux operating systems
• Data science tooling and environments
• Python-based web services
• React-based frontend applications

Preferred Skills

• Azure cloud security
• Highly customized Kubernetes clusters
• Container environments
• CI/CD pipelines
• GitHub security
• macOS and Linux operating systems
• Data science tooling and environments
• Python-based web services
• React-based frontend applications

XML job scraping automation by YubHub

What you'll do

You will work closely with Application Security and Red Team engineers, applying an attacker's mindset to AI systems while building scalable security testing, automation, and guardrails that meaningfully reduce risk.

• Perform security testing and reviews of AI-enabled applications, agents, and workflows, including architecture, design, and implementation analysis
• Identify and validate vulnerabilities in LLM-based systems such as data leakage, insecure tool use, authentication gaps, and abuse paths

What you need

• Strong background in application security, offensive security, or a combination of both
• Hands-on experience identifying and exploiting security weaknesses in modern applications and services

XML job scraping automation by YubHub