Platform Security Engineering - OpenBMC

About the role

Anthropic is standing up a founding team to own the OpenBMC-based management firmware running across its server fleet. You would be one of the first engineers on it. That means production firmware and manageability features (board bring-up through production) on one side, and hardening that firmware against sophisticated adversaries on the other. Security is a first-class constraint in everything you ship: you'll write firmware to a high security bar and partner closely with our firmware security and hardware engineers on secure boot, signing, and attestation.

Responsibilities

• Production and manageability:
• Design, build, and ship OpenBMC firmware and manageability features for x86 and Arm (including GPU) platforms, from bring-up through production, using Yocto/OpenEmbedded
• Build the management stack on DMTF/OCP standards (MCTP, PLDM, SPDM, Redfish, RDE) and IPMI/KCS: sensors, telemetry, inventory, logging, RAS
• Implement BMC-to-BIOS/host communications, eSPI/LPC, thermal/fan/power management (PMBus)
• Work the hardware/firmware boundary: I2C/I3C, SPI, PCIe, SMBus, device trees, U-Boot, Linux
• Security and hardening:
• Own the BMC security posture: secure and measured boot, root of trust, attestation (SPDM), authenticated update (PLDM FW Update), rollback protection, attack-surface reduction
• Lead threat modeling and secure design reviews; run coordinated vulnerability disclosure with vendors and the upstream community
• Build verification tooling: static analysis, fuzzing, firmware extraction, CI gating

Requirements

• 8+ years of experience in systems security, with at least 5 years focused on firmware and hardware security (firmware, bootloaders, and OS-level security)
• Strong technical cross-functional leadership skills, direction setting
• Hands-on OpenBMC/BMC firmware experience on x86 and/or Arm, from bring-up through production with hands-on D-Bus/sdbusplus
• Strong C/C++ and Python, deep Linux user-space/kernel fundamentals, and Yocto/OpenEmbedded proficiency
• A security mindset applied to firmware, not bolted on afterward
• Upstream contributions to OpenBMC, U-Boot, DMTF, or OCP
• Working knowledge of out-of-band and in-band management, the relevant DMTF specs, and the device interfaces they run over
• Strong debugging and a track record of shipping reliable, well-tested code.
• Clear communication across internal teams and external vendors
• Ability to work effectively across hardware and software boundaries
• Knowledge of NIST firmware security guidelines and hardware security frameworks, specifically SP 800-193 and 800-147/155
• Strong candidates may also have
• Hardware roots of trust and attestation: Caliptra, OCP S.A.F.E., TPM/HRoT, SPDM
• Memory-safe systems code in Rust or Zig
• Firmware vulnerability research, reverse-engineering, or fuzzing
• Previous work with AI/ML infrastructure security
• Deadline to apply: None. Applications will be received on a rolling basis.
• The annual compensation range for this role is listed below.
• For sales roles, the range provided is the role's On Target Earnings ("OTE") range, meaning that the range includes both the sales commissions/sales bonuses target and annual base salary for the role.
• Annual Salary:
• $405,000 - $405,000 USD
• Logistics
• Minimum education: Bachelor's degree or an equivalent combination of education, training, and/or experience
• Required field of study: A field relevant to the role as demonstrated through coursework, training, or professional experience
• Minimum years of experience: Years of experience required will correlate with the internal job level requirements for the position
• Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices.
• Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this.

Benefits

Additional Information

About Anthropic Anthropic's mission is to create reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our users and for society as a whole. Our team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Anthropic? Share your experience