Anthropic· Security· New York City, NY; San Francisco, CA; Seattle, WA
Security Software Engineer, Platform Integration
Classified Tasks (21)
Automate 14%Augment 52%Human-Only 33%
Automate (3)
Fully handled by AI agents
Consume trusted reference integrity manifests for every component in the trusted computing base (TCB)
technical
Surface and report measurement drift across systems and components
operational
Gate workload placement based on attestation outcomes
operational
Augment (11)
AI assists, human decides
Validate integrity measurements end-to-end across components
technical
Integrate with iRoT-rooted DICE chains where exposed
technical
Define and document Anthropic's requirements for partners when DICE chains are not exposed
communication
Ensure the host software stack securely leverages dynamic root-of-trust for measurement (DRTM) primitives in collaboration with other security engineers
technical
Build tooling to validate interconnect topology claims for multi-node workloads
technical
Detect and prevent deviations in interconnect topology before workloads reach production
operational
Validate that CPU and interconnect encryption are enabled and attestable on target systems
technical
Define automated mechanisms to prove hardware debug mechanisms are disabled in production
technical
Verify that devices and peripherals are appropriately covered by debug-disable verification mechanisms
technical
Extend platform trust coverage to accelerators and to the channels between accelerators and other components
technical
Write code implementing platform trust components, verification pipelines, and related tooling
technical
Human-Only (7)
Requires human judgment
Own Anthropic's platform trust integration surface, including the host-side stack that ingests hardware trust primitives and converts them into production gates for workloads
technical
Ensure all security-relevant system state required for attestation is accounted for and used in authorization decisions in production
technical
Collaborate with silicon vendors and firmware maintainers to identify and remediate gaps in DRTM- and attestation-related technologies
communication
Define and own Anthropic's position on performance tradeoffs and on multi-node attestation integration work
leadership
Own and operate services in Anthropic's platform trust pipeline in production
operational
Operate and maintain Anthropic's platform trust pipeline in production and ensure its correctness
operational
Coordinate and operate at the interface between Platform Security Engineering and other Anthropic teams to deploy and integrate platform trust capabilities
communication
Job description
About Anthropic Anthropic’s mission is to create reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our users and for society as a whole. Our team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems. About the role Anthropic’s mission requires the ability to defend our compute resources against all types of adversaries. Meeting that bar requires more than trustworthy hardware, it requires a software stack to consume the trust primitives the platform produces: device identities, attestation evidence, integrity manifests, DICE chains, topology claims, debug-state assertions, encryption posture, etc. This role makes sure that all the security-relevant system state that needs to be attested to is properly accounted for in a robust and comprehensive manner, and used appropriately for authorization decisions in production. Key responsibilities You will be the technical owner of Anthropic's platform trust integration surface , the host-side stack that ingests trust primitives produced by hardware and converts them into production gates for workloads. Concretely: Attestation verification pipeline. Consume trusted reference integrity manifests for every component in the TCB. Validate measurements end-to-end, surface drift, and gate workload placement on attestation outcomes. DICE chain consumption. Integrate with iRoT-rooted DICE chains where exposed, and define what Anthropic requires of partners where they aren't yet. Dynamic root-of-trust and late-launch integration. Working with other security engineers to ensure Anthropic's host software stack securely leverages DRTM primitives, and work with silicon vendors and firmware maintainers to address gaps in relevant technologies. Interconnect topology validation. Build the tooling to validate interconnect topology claims for multi-node workloads and catch deviations before they reach production. CPU and interconnect encryption posture. Validate that CPU and interconnect encryption are enabled and attestable on a given system; own Anthropic's position on performance tradeoffs and multi-node attestation integration work. Debug-disable verification. Define automated mechanisms to prove hardware debug mechanisms are disabled in production. Ensure devices/peripherals are appropriately covered. Accelerators are an essential component of AI workloads. We must ensure that platform trust extends to all relevant components, and the channels between them, too. This is an IC engineering role not a PM role. You will write code, own services, and be accountable for the correctness of Anthropic's platform trust pipeline in production. You'll operate at the interface between Platform Security Engineering and the rest of Anthropic. Minimum qualifications Deep systems software engineering experience with kernel, firmware, or low-level platform code. Understanding of hardware as encountered in modern server platforms, and implications of trust relationships within. Working knowledge of modern attestation primitives: RoTs, TPMs, DICE, SPDM, measured boot, DRTM across major CPU architectures, reference integrity manifest best practices, remote attestation protocols and design patterns. Ability to read vendor documentation critically and identify gaps between what the spec claims and what can actually be relied on in production . Strong ownership disposition: comfortable being the one accountable for a capability landing, including when it