Platform Security Engineering - OpenBMC

AnthropicSan Francisco, NY
Hybrid

About The Position

Anthropic is establishing a founding team to manage the OpenBMC-based firmware for its server fleet. This role involves developing production firmware and manageability features, from board bring-up to production, and hardening this firmware against sophisticated adversaries. Security is a critical aspect of all deliverables, requiring adherence to high security standards and close collaboration with firmware security and hardware engineers on secure boot, signing, and attestation.

Requirements

  • 8+ years of experience in systems security, with at least 5 years focused on firmware and hardware security (firmware, bootloaders, and OS-level security).
  • Strong technical cross-functional leadership skills and direction setting.
  • Hands-on OpenBMC/BMC firmware experience on x86 and/or Arm, from bring-up through production with hands-on D-Bus/sdbusplus.
  • Strong C/C++ and Python skills.
  • Deep Linux user-space/kernel fundamentals.
  • Yocto/OpenEmbedded proficiency.
  • A security mindset applied to firmware, not bolted on afterward.
  • Upstream contributions to OpenBMC, U-Boot, DMTF, or OCP.
  • Working knowledge of out-of-band and in-band management, relevant DMTF specs, and the device interfaces they run over.
  • Strong debugging skills and a track record of shipping reliable, well-tested code.
  • Clear communication across internal teams and external vendors.
  • Ability to work effectively across hardware and software boundaries.
  • Knowledge of NIST firmware security guidelines and hardware security frameworks, specifically SP 800-193 and 800-147/155.

Nice To Haves

  • Hardware roots of trust and attestation: Caliptra, OCP S.A.F.E., TPM/HRoT, SPDM.
  • Memory-safe systems code in Rust or Zig.
  • Firmware vulnerability research, reverse-engineering, or fuzzing.
  • Previous work with AI/ML infrastructure security.

Responsibilities

  • Design, build, and ship OpenBMC firmware and manageability features for x86 and Arm (including GPU) platforms, from bring-up through production, using Yocto/OpenEmbedded.
  • Build the management stack on DMTF/OCP standards (MCTP, PLDM, SPDM, Redfish, RDE) and IPMI/KCS, including sensors, telemetry, inventory, logging, and RAS.
  • Implement BMC-to-BIOS/host communications, eSPI/LPC, and thermal/fan/power management (PMBus).
  • Work at the hardware/firmware boundary, including I2C/I3C, SPI, PCIe, SMBus, device trees, and U-Boot, Linux user-space/kernel.
  • Own the BMC security posture, including secure and measured boot, root of trust, attestation (SPDM), authenticated update (PLDM FW Update), rollback protection, and attack-surface reduction.
  • Lead threat modeling and secure design reviews.
  • Run coordinated vulnerability disclosure with vendors and the upstream community.
  • Build verification tooling, including static analysis, fuzzing, firmware extraction, and CI gating.

Benefits

  • Competitive compensation
  • Optional equity donation matching
  • Generous vacation
  • Parental leave
  • Flexible working hours
  • Lovely office space
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service