Staff+ Security Engineer, Risk Engineering

External

Anthropic · San Francisco, CA

Full-timeOn-site1d ago

Cloud SecurityLeadershipObservabilityPythonRisk ManagementSAFe

Cover Letter Connect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role

About the role

The Security Risk team is responsible for how Anthropic identifies, prioritizes, and drives treatment of its most important security risks. We are rebuilding risk management to operate as an engineering function through automation and AI-native platforms to enable decision making. The systems we assess span Anthropic's full security landscape, from authorization primitives to cryptographic foundations, so the team needs breadth across domains and the ability to go deep in any of them. Security Risk, in deep partnership with Security Engineering, will help define the security program to shape how both engineers and non-engineers build and ship software. The conventional GRC playbook was not built for a company shipping frontier AI. You will help define what replaces it, with a direct line to CISO-level decisions and the mandate to build the AI-native platform underneath. You'll work across a breadth of areas from identity and secrets management to infrastructure security, with your focus shaped by your strengths, ability to learn quickly, and the team's priorities. This is largely greenfield work, and you will help define the architecture and discipline.

Responsibilities

Take ownership of Anthropic's most complex security risk problems and drive them end to end with minimal oversight, turning ambiguous signals into a defensible view of severity and likelihood and seeing them through escalation, treatment decisions, and remediation

Build the systems that make risk measurable and let risk work scale, including quantification tooling, automated intake and triage, and the observability that partner teams use to understand their own risk posture

Work alongside Security Engineering as a calibrated technical peer who pressure tests architectures and treatment plans, translates findings into prioritized remediation roadmaps, and makes the investment case for what to fix now, what to accept and track, and what to defer

Mentor engineers and risk practitioners across Security and the broader engineering organization, and help build a risk engineering culture in which teams own their risks and our team provides the visibility and judgment that supports the

Security risk engineering

Work across the breadth of Anthropic's security landscape, spanning areas like identity and secrets management, developer security and supply chain, infrastructure security, and secure frameworks, and build the context needed to reason about risk credibly in each

Go deep where a risk demands it, understanding how these systems are built and how they fail so that assessments and treatment plans reflect engineering reality rather than abstraction

Risk assessment and quantification

Identify systematic risks through threat modeling and structured assessment, then drive the severity calibration and escalation conversations that follow, bringing leadership a defensible position and a clear recommendation that holds up under pointed questions

Contribute to the team's quantitative risk work, applying methods such as calibrated estimation and Monte Carlo simulation where they meaningfully change a resource or treatment decision

Risk platform and automation

Design and build AI-native risk tooling that uses Claude to classify incoming risks, augment triage, and continuously sense changes in our risk landscape as teams ship

Create the dashboards and data pipelines that give engineering and product teams real-time visibility into their risk posture and make distributed ownership of risk practical

Remediation strategy and investment

Partner with Security Engineering and risk owners to design remediation roadmaps that are explicit about sequencing, ownership, and the investment required

Measure outcomes rather than activity, focusing on decisions made and risk reduced

Staff+ Security Engineer, Risk Engineering

About the role

Responsibilities

Requirements

Benefits

Additional Information

Your Match

Company Intel

What employees say

Interested in this role?