As a specialist in digital networking, you will be responsible for conducting vulnerability tests, supporting penetration tests, and participating in vulnerability management. You will also be involved in adapting and maintaining security guidelines and supporting operational technology security.

We offer a dynamic and innovative work environment, opportunities for professional growth, and a competitive salary.

Key responsibilities:

• Conducting vulnerability tests and penetration tests
• Participating in vulnerability management
• Adapting and maintaining security guidelines
• Supporting operational technology security

Requirements:

• Good academic record
• Proficiency in German language (written and spoken)
• High learning ability and interest in cybersecurity
• Good English language skills
• Team and communication skills
• Sensitive and structured working style
• Strong sense of responsibility

Benefits:

• Competitive salary
• Opportunities for professional growth
• Dynamic and innovative work environment

If you are interested in this opportunity, please submit your application with your resume and cover letter.

Note: This position is also suitable for individuals with disabilities.

XML job scraping automation by YubHub

About the Role: The Application Security team at Anthropic is at the forefront of building security into every phase of the software development lifecycle. As an Application Security Engineer, you will partner closely with software engineers and researchers to ensure that security is a core consideration from initial design through implementation. You will lead threat modeling and secure design reviews to proactively identify and mitigate risks early, and help with continuous risk assessment. You will build tools and systems to support developers shipping code securely, adhering to secure coding best practices.

Responsibilities:

• Help secure AI products and internal tools that are introducing industry-novel security risks and pushing established security boundaries
• Lead “shift left” security efforts to build security into the software development lifecycle
• Conduct secure design reviews and threat modeling. Identify and prioritize risks, attack surfaces, and vulnerabilities
• Develop tooling to scale security code reviews and respond to developer questions, including advising developers on remediating vulnerabilities and following secure coding practices
• Manage Anthropic's vulnerability management program, including integrating data ingestion pipelines, coding logic to prioritize vulnerability fixes, supporting teams remediating vulnerabilities and developing automated systems at scale
• Oversee Anthropic's bug bounty program. Set scope, validate submissions, perform root cause analysis, coordinate remediation with engineering teams, and award bounties. Cultivate relationships with the ethical hacker community
• Collaborate closely with product engineers and researchers to instill security best practices. Advocate for secure architecture, design, and development
• Develop and document security policies, standards, and playbooks. Conduct security awareness training for engineers

Requirements:

• 5+ years of hands-on experience in application and infrastructure security, including securing cloud-based and containerized environments
• Strong proficiency in at least one programming language (e.g., Python, Rust, Go, Java)
• Lead with empathy, a collaborative spirit, and a learning mindset to work cross-functionally with engineers of all levels to build security into the software development life cycle
• Leverage creative and strategic thinking to reduce risk through secure design and simplicity, not just controls
• Possess broad security knowledge to connect the dots across domains and identify holistic ways to decrease the overall threat surface
• Are keen to distill complex security concepts into clear actions and drive consensus without direct authority
• Embody a proactive mindset to thread security throughout the product lifecycle through activities like threat modeling, secure code review, and education
• Have a strong grasp of offensive security to anticipate risks from an adversary's perspective, not just check compliance boxes
• Bring experience with modern application stacks, infrastructure, and security tools to implement pragmatic defenses
• Are practiced at collaborating cross-functionally and effectively balancing security requirements with business objectives
• Advocate for security fundamentals like least privilege, defense-in-depth, and eliminating complexity that could sub-linearly scale security through smart design

Preferred Qualifications:

• Hands-on technical expertise securing complex cloud environments and microservices architectures leveraging technologies like Kubernetes, Docker, and AWS / GCP
• Exposure to offensive security techniques like vulnerability testing, bug bounty, pen testing, and red team exercises
• Familiarity with AI/ML security risks such as prompt injection, data poisoning, model extraction, etc. and mitigations
• Experience building security tools, applications, and automated tools
• Solid foundational knowledge of both software and security engineering principles and are keen to continue learning
• Excellent communication skills, able to distill complex security topics for broad audiences
• Worked and thrived in fast-paced environments, and comfortable navigating ambiguity

Annual Compensation Range:

$300,000-$405,000 USD

Logistics:

• Minimum education: Bachelor’s degree or an equivalent combination of education, training, and/or experience
• Required field of study: A field relevant to the role as demonstrated through coursework, training, or professional experience
• Minimum years of experience: Years of experience required will correlate with the internal job level requirements for the position
• Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices.
• Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this.

How to Apply:

If you're interested in this role, please submit your application through our website. We look forward to reviewing your application!

Note:

Your safety matters to us. To protect yourself from potential scams, remember that Anthropic recruiters only contact you from @anthropic.com email addresses. In some cases, we may partner with vetted recruiting agencies who will identify themselves as working on behalf of Anthropic. Be cautious of emails from other domains. Legitimate Anthropic recruiters will never ask for money, fees, or banking information before your first day. If you're ever unsure about a communication, don't click any links,visit anthropic.com/careers directly for confirmed position openings.

XML job scraping automation by YubHub

The Application Security team at Anthropic is at the forefront of building security into every phase of the software development lifecycle. In this hands-on technical role, you will partner closely with software engineers and researchers to ensure security is a core consideration from initial design through implementation.

You will lead threat modeling and secure design reviews to proactively identify and mitigate risks early, and help with continuous risk assessment. You will build tools and systems to support developers shipping code securely, adhering to secure coding best practices.

Your insights will shape our tooling, detection capabilities, and defenses against emerging threats to AI/ML. You'll develop the standards, processes, and educational resources that enable all Anthropic engineers to be security champions.

Responsibilities:

• Help secure AI products and internal tools that are introducing industry-novel security risks and pushing established security boundaries
• Lead “shift left” security efforts to build security into the software development lifecycle
• Conduct secure design reviews and threat modeling. Identify and prioritise risks, attack surfaces, and vulnerabilities
• Develop tooling to scale security code reviews and respond to developer questions, including advising developers on remediating vulnerabilities and following secure coding practices
• Manage Anthropic's vulnerability management program, including integrating data ingestion pipelines, coding logic to prioritise vulnerability fixes, supporting teams remediating vulnerabilities and developing automated systems at scale
• Oversee Anthropic's bug bounty program. Set scope, validate submissions, perform root cause analysis, coordinate remediation with engineering teams, and award bounties. Cultivate relationships with the ethical hacker community
• Collaborate closely with product engineers and researchers to instill security best practices. Advocate for secure architecture, design, and development
• Develop and document security policies, standards, and playbooks. Conduct security awareness training for engineers

You may be a good fit if you:

• Have 5+ years of hands-on experience in application and infrastructure security, including securing cloud-based and containerized environments
• Strong proficiency in at least one programming language (e.g., Python, Rust, Go, Java)
• Lead with empathy, a collaborative spirit, and a learning mindset to work cross-functionally with engineers of all levels to build security into the software development life cycle
• Leverage creative and strategic thinking to reduce risk through secure design and simplicity, not just controls
• Possess broad security knowledge to connect the dots across domains and identify holistic ways to decrease the overall threat surface
• Are keen to distill complex security concepts into clear actions and drive consensus without direct authority
• Embody a proactive mindset to thread security throughout the product lifecycle through activities like threat modeling, secure code review, and education
• Have a strong grasp of offensive security to anticipate risks from an adversary's perspective, not just check compliance boxes
• Bring experience with modern application stacks, infrastructure, and security tools to implement pragmatic defenses
• Are practiced at collaborating cross-functionally and effectively balancing security requirements with business objectives
• Advocate for security fundamentals like least privilege, defence-in-depth, and eliminating complexity that could sub-linearly scale security through smart design

Strong candidates may also:

• Hands-on technical expertise securing complex cloud environments and microservices architectures leveraging technologies like Kubernetes, Docker, and AWS / GCP
• Exposure to offensive security techniques like vulnerability testing, bug bounty, pen testing, and red team exercises
• Familiarity with AI/ML security risks such as prompt injection, data poisoning, model extraction, etc. and mitigations
• Experience building security tools, applications, and automated tools
• Solid foundational knowledge of both software and security engineering principles and are keen to continue learning
• Excellent communication skills, able to distill complex security topics for broad audiences
• Worked and thrived in fast-paced environments, and comfortable navigating ambiguity

The annual compensation range for this role is $300,000 - $405,000 USD.

XML job scraping automation by YubHub