Security Software Engineer, Platform Integration

About The Position

Requirements

• Deep systems software engineering experience with kernel, firmware, or low-level platform code.
• Understanding of hardware as encountered in modern server platforms, and implications of trust relationships within.
• Working knowledge of modern attestation primitives: RoTs, TPMs, DICE, SPDM, measured boot, DRTM across major CPU architectures, reference integrity manifest best practices, remote attestation protocols and design patterns.
• Ability to read vendor documentation critically and identify gaps between what the spec claims and what can actually be relied on in production.
• Strong ownership disposition: comfortable being the one accountable for a capability landing, including when it requires pushing partners.
• Supply-chain attestation work (SPDM, TCG provenance, pre-delivery identity bootstrapping beyond TOFU).
• Familiarity with relevant standards from TCG (TPM, DICE, etc.), IETF (RATS WG, SEAT WG, etc.), DMTF (SPDM, etc.), etc.
• History of shipping security-critical code in production at scale.

Responsibilities

• Technical ownership of Anthropic's platform trust integration surface, the host-side stack that ingests trust primitives produced by hardware and converts them into production gates for workloads.
• Attestation verification pipeline: Consume trusted reference integrity manifests for every component in the TCB. Validate measurements end-to-end, surface drift, and gate workload placement on attestation outcomes.
• DICE chain consumption: Integrate with iRoT-rooted DICE chains where exposed, and define what Anthropic requires of partners where they aren't yet.
• Dynamic root-of-trust and late-launch integration: Working with other security engineers to ensure Anthropic's host software stack securely leverages DRTM primitives, and work with silicon vendors and firmware maintainers to address gaps in relevant technologies.
• Interconnect topology validation: Build the tooling to validate interconnect topology claims for multi-node workloads and catch deviations before they reach production.
• CPU and interconnect encryption posture: Validate that CPU and interconnect encryption are enabled and attestable on a given system; own Anthropic's position on performance tradeoffs and multi-node attestation integration work.
• Debug-disable verification: Define automated mechanisms to prove hardware debug mechanisms are disabled in production.
• Ensure devices/peripherals are appropriately covered: Accelerators are an essential component of AI workloads. We must ensure that platform trust extends to all relevant components, and the channels between them, too.
• Write code, own services, and be accountable for the correctness of Anthropic's platform trust pipeline in production.
• Operate at the interface between Platform Security Engineering and the rest of Anthropic.

Benefits

• competitive compensation
• benefits
• optional equity donation matching
• generous vacation
• parental leave
• flexible working hours