ANTHROP\C

Leading threat modeling, securing design reviews, and continuous risk assessment to proactively identify and mitigate risks early before they ship.

We build the tools and systems that help developers ship code securely at scale, from automated code review tooling to vulnerability prioritization pipelines. We manage Anthropic's vulnerability management program end-to-end — ingesting data, coding triage logic, supporting remediation, and driving automation. We also run the bug bounty program: setting scope, validating submissions, performing root cause analysis, coordinating fixes with engineering teams, and cultivating relationships with the ethical hacker community.

Our work sits at the frontier of AI/ML security, where we're tackling industry-novel risks that push established security boundaries. We drive Anthropic's "shift left" strategy, embedding security into the software development lifecycle so that every engineer can be a security champion. That means developing the standards, policies, playbooks, and training that make secure practices the default — not an afterthought.

This is a team that thinks like attackers, builds like developers, and partners like teammates.

Implementing and maintaining cloud security controls including IAM, network segmentation, VPC architecture, and encryption across our multi-cloud and on-prem environments.

We contribute to cluster security controls including RBAC policies, namespace isolation, workload identity, and pod security.

We contribute to continuous cloud security posture management using infrastructure-as-code scanning, misconfiguration detection, and automated remediation.

We partner closely with core infrastructure, compute, and identity teams to ensure security is never a blocker for new compute environments while maintaining strong security posture across Anthropic's clusters. This means owning network egress controls, cluster access and RBAC, cloud security fundamentals, and container hardening — the foundational layers that everything else runs on.

Building and advancing our developer security program by embedding security practices into the software development lifecycle and developer workflows.

We harden CI/CD pipelines against supply chain attacks through isolated build environments, signed attestations, dependency verification, and automated policy enforcement.

We're securing every stage of the software supply chain — from the moment an engineer opens their IDE to the moment code is running in production. Our goal is secure development environments fed into verified builds, which deploy onto attested infrastructure, closing the loop from code to production.

We own the integrity, auditability, and authorization of everything that gets built and shipped. Grounded in SLSA principles, we deliver secure builds with provenance tracking, binary authorization, artifact signing, and reproducible infrastructure-as-code environments. The team ensures that software powering sensitive environments has verifiable integrity guarantees — that sources and dependencies come from verified origins, and that deployments are logged and inventoried.

Building the foundational systems that govern who, and what, can access Anthropic's most sensitive assets, as well as the security controls to run agents safely at scale.

We design, implement, and maintain the infrastructure for managing identities, controlling access, and protecting critical secrets across research and development environments.

At the core of our work is building a unified authorization platform for all humans at Anthropic: a single control plane for managing access across cloud environments and the many applications the company relies on. Alongside human identity, we adapt these systems to support long-running agents that autonomously perform hours of research and workflow tasks — a new class of identity that demands rethinking traditional access models.

We own public key infrastructure, service authorization, and secrets management, architecting the systems that protect Anthropic's most critical assets including model weights, customer data, and training datasets. This includes building and operating credential issuance, rotation, and workload authentication across multi-cloud environments — ensuring that the right entities have the right access at the right time, and nothing more.

Building the security primitives that everyone else builds on. Operating above the infrastructure layer, the team develops and maintains secure-by-default frameworks, libraries, and services that enable research and development teams to move fast without sacrificing security.

Our team philosophy is high leverage: Own the critical foundations — cryptographic frameworks, mTLS infrastructure, secure serialization, authorization systems — so that entire classes of vulnerabilities are eliminated by design, and engineering teams can work securely without needing to become security experts themselves.

Our goal is to make the secure thing easy and the easy thing secure.

We partner closely with product, research, infrastructure, and other security teams to ensure these frameworks integrate cleanly with lower-layer controls, targeting the highest-risk areas with solutions that stakeholders genuinely want to use.

Where the team can't build everything, it strategizes selectively — maximizing security impact while expanding security ownership across the company.

We stand on the front lines of Anthropic's security posture, leading response efforts across diverse domains — from external attacks to insider threats — spanning every layer of the technology stack.

We rapidly investigate incidents, coordinate response across engineering and security teams, and drive the continuous improvement of detection playbooks, workflows, and response procedures.

We build forward by developing and deploying novel tooling that leverages large language models to enhance detection, investigation, and response capabilities. By pairing deep incident response expertise with innovative automation, we ensure Anthropic can identify and contain threats quickly as the company's attack surface evolves alongside its research.

Building and scaling Anthropic's next-generation security analytics infrastructure. The team architects the data pipelines that ingest and process massive volumes of security telemetry across a rapidly growing environment, and designs the storage and query systems that make that data actionable at speed.

At the center of our work is an AI-powered platform that spans the full detection and response lifecycle — from detection development to incident response.

We develop ML-powered detection systems and creates innovative tooling that leverages Claude to transform how security operations work at Anthropic, combining rapid prototyping with production-grade engineering to stay ahead of emerging threats.

We partner closely with security and infrastructure teams to translate requirements into scalable solutions, and plays a key role in mentoring engineers and growing the broader security organization.

We harden and secure the operating system layer that underpins Anthropic's entire infrastructure. Working with cutting-edge hardware and environments that don't exist anywhere else, we design and implement OS-level security controls — from kernel hardening and secure boot to runtime protection and full-disk encryption — ensuring systems can withstand sophisticated attacks without compromising the performance required for AI model training at unprecedented scale.

Our work spans minimizing attack surfaces across kernelspace and userspace, developing kernel security policies and custom Linux Security Modules, building OS-level attestation and integrity monitoring, and designing privilege separation and mandatory access control.

We also maintain secure update mechanisms, builds configuration management and compliance tooling, and partners with container teams to ensure proper workload isolation at the kernel level.

Every decision balances extreme security requirements against the operational needs of researchers training frontier models.

Our team architects security from the ground up.

Starting at the firmware layer, we design and implement secure boot chains, attestation systems, and integrity monitoring across diverse hardware platforms including CPUs, BMCs, switches, peripherals, and embedded microcontrollers.

Our core mission is ensuring cryptographic proof of system state from hardware root of trust through the application layer, building the foundation that makes higher-level security controls meaningful. This includes developing measured boot implementations, creating reference architectures for bare-metal deployments, conducting firmware vulnerability assessments, and building analysis pipelines for continuous security monitoring.

We work closely with software and hardware vendors to ensure security capabilities meet Anthropic's requirements, and partners with infrastructure teams to integrate controls without impacting training performance across a massive fleet.