Application Security Engineer in London

Anthropic is working on frontier AI research that has the potential to transform how humans and machines interact. As we rapidly advance foundational LLMs, application security is paramount. In this role, you will apply security patterns built for high-risk environments to safeguard model weights as we scale new capabilities. Working closely with software engineers, you will institute controls around access, infrastructure, and data to proactively minimize risks from bad actors. This is an opportunity to join a team of experts building AI for social good, while advancing the frontier of safe and ethical AI development.

About Anthropic: Anthropic is an AI safety and research company that’s working to build reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our customers and for society as a whole. Our interdisciplinary team has experience across ML, physics, policy, business and product.

Responsibilities:

• Lead “shift left” security efforts to build security into the software development lifecycle.
• Conduct secure design reviews and threat modeling.
• Identify and prioritize risks, attack surfaces, and vulnerabilities.
• Perform security code reviews of source code changes and advise developers on remediating vulnerabilities and following secure coding practices.
• Manage Anthropic's vulnerability management program. Triage and prioritize vulnerabilities from scans, audits, and bug bounty submissions. Track remediation and validate fixes.
• Oversee Anthropic's bug bounty program. Set scope, triage submissions, coordinate disclosure with engineering teams, and reward bounties. Cultivate relationships with the ethical hacker community.
• Research and recommend security tools and technologies to strengthen defenses against emerging threats targeting machine learning systems.
• Develop and document security policies, standards, and playbooks. Conduct security awareness training for engineers.
• Collaborate closely with product engineers and researchers to instill security best practices. Advocate for secure architecture, design, and development.

You may be a good fit if you:

• Have 5+ years of hands‑on experience in application and infrastructure security, including securing cloud-based and containerized environments.
• Have empathy, collaboration skills, and a learning mindset to work cross‑functionally with engineers of all levels to build security into the product life cycle.
• Can use creative and strategic thinking to reduce risk through secure design and simplicity, not just controls.
• Possess broad security knowledge to connect the dots across domains and identify holistic ways to lower the overall threat surface.
• Have the ability to distill complex security concepts into clear actions and drive consensus without direct authority.
• Have a proactive mindset to thread security throughout the product lifecycle through activities like threat modeling, secure code review, and education.
• Have strong grasp of offensive security to anticipate risks from an adversary's perspective, not just check compliance boxes.
• Have experience with modern application stacks, infrastructure, and security tools to implement pragmatic defenses.
• Are passionate for security fundamentals like least privilege, defense‑in‑depth, and eliminating complexity that could sub‑linearly scale security through smart design.

Strong candidates may also:

• Have hands‑on technical expertise securing complex cloud environments and microservices architectures leveraging technologies like Kubernetes, Docker, and AWS / GCP.
• Have experience with offensive security techniques like vulnerability testing, pen testing, and red team exercises.
• Have familiarity with AI/ML security risks such as data poisoning, model extraction, adversarial examples, etc. and mitigations.
• Have experience building security tools, scripts, and automations.
• Have a solid foundational knowledge of security engineering principles and technologies. Keen to continue learning.
• Possess excellent communication skills, able to distill complex security topics for broad audiences.
• Have a passion for security and protecting users. Willingness to constructively challenge assumptions to drive security.

Candidates need not have:

• 100% of the skills needed to perform the job.
• Formal certifications or education credentials.

Annual Salary (USD): The expected salary range for this position is $300-$405k.

Logistics: Location‑based hybrid policy: Currently, we expect all staff to be in our office at least 25% of the time.

Compensation and Benefits: Anthropic’s compensation package consists of three elements: salary, equity, and benefits. We are committed to pay fairness and aim for these three elements collectively to be highly competitive with market rates.

US Benefits:

• Optional equity donation matching at a 3:1 ratio, up to 50% of your equity grant.
• Comprehensive health, dental, and vision insurance for you and all your dependents.
• 401(k) plan with 4% matching.
• 22 weeks of paid parental leave.
• Unlimited PTO – most staff take between 4-6 weeks each year, sometimes more!
• Stipends for education, home office improvements, commuting, and wellness.
• Fertility benefits via Carrot.
• Daily lunches and snacks in our office.
• Relocation support for those moving to the Bay Area.

UK Benefits:

• Optional equity donation matching at a 3:1 ratio, up to 50% of your equity grant.
• Private health, dental, and vision insurance for you and your dependents.
• Pension contribution (matching 4% of your salary).
• 22 weeks of paid parental leave.
• Unlimited PTO – most staff take between 4-6 weeks each year, sometimes more!
• Health cash plan.
• Life insurance and income protection.
• Daily lunches and snacks in our office.

How we're different: We believe that the highest‑impact AI research will be big science. At Anthropic we work as a single cohesive team on just a few large‑scale research efforts. And we value impact — advancing our long‑term goals of steerable, trustworthy AI — rather than work on smaller and more specific puzzles. We view AI research as an empirical science, which has as much in common with physics and biology as with traditional efforts in computer science. We’re an extremely collaborative group, and we host frequent research discussions to ensure that we are pursuing the highest‑impact work at any given time. As such, we greatly value communication skills. We do not have boundaries between engineering and research, and we expect all of our technical staff to contribute to both as needed.

Research Directions: The easiest way to understand our research directions is to read our recent research. This research continues many of the directions our team worked on prior to Anthropic, including: GPT‑3, Circuit‑Based Interpretability, Multimodal Neurons, Scaling Laws, AI & Compute, Concrete Problems in AI Safety, and Learning from Human Preferences.