Platform Security Engineering Auditor (AI)
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Platform Security Engineering Auditor (Cybersecurity): Assessing and auditing security features in hardware, firmware, and operating systems to eliminate vulnerabilities in AI infrastructure with an accent on low-level systems security and root of trust. Focus on auditing secure boot chains, attestation systems, and implementing exploit mitigations in high-performance computing environments.
Location: Hybrid (San Francisco, New York City, or Seattle); staff are expected to be in one of the offices at least 25% of the time.
Salary: $320,000 - $405,000 USD
Company
Anthropic is a public benefit corporation focused on creating reliable, interpretable, and steerable AI systems to be safe and beneficial for society.
What you will do
- Audit secure boot chains and attestation systems across diverse hardware platforms including CPUs, BMCs, switches, and embedded microcontrollers.
- Evaluate measured boot implementations and runtime integrity monitoring to ensure cryptographic proof of system state.
- Integrate security controls with infrastructure teams without impacting training performance.
- Conduct firmware vulnerability assessments and penetration testing, building pipelines for continuous monitoring.
- Collaborate with hardware and software vendors to ensure security capabilities meet exploit mitigation requirements.
- Maintain detailed threat models and security architecture documentation.
Requirements
- Proven track record of conducting hands-on vulnerability auditing on complex, security-critical systems.
- Experience with secure boot, measured boot, and attestation technologies such as TPM, Intel TXT, AMD SEV, or ARM TrustZone.
- Proficiency in low-level programming languages including C and Assembly.
- Expertise in UEFI/BIOS, embedded firmware security, bootloader hardening, and chain of trust implementation.
- Strong understanding of cryptographic protocols and hardware security modules.
- Must be based in or able to work from San Francisco, New York City, or Seattle to comply with the hybrid office policy.
Nice to have
- 8+ years of experience in systems security, with at least 5 years focused on low-level security.
- Ability to audit logic bugs in Rust or Go and perform reverse engineering on binary software.
- Experience with fault injection, side-channel analysis, and auditing silicon root of trust or TEEs.
- Background in formal verification or security proof techniques.
- Previous experience securing large-scale HPC or AI/ML infrastructure.
- History of presenting at top-tier security conferences as a first author.
Culture & Benefits
- Competitive annual salary with optional equity donation matching.
- Generous vacation and parental leave policies.
- Flexible working hours and high-quality collaborative office spaces.
- Visa sponsorship availability for eligible candidates.
- Collaborative "big science" research environment focused on high-impact goals.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →