
Posted 2 days ago
Staff+ Application Security Engineer - M&A
AnthropicStaff+ Application Security Engineer - M&A
Requirements
Application and infrastructure security experience, Cloud and containerized environments, Production-quality coding in Python, Go, Rust, or TypeScript, Practical threat-modeling skills, Strong written and verbal communication
Skills
Application SecurityPythonGoRustTypeScriptThreat Modeling
About the role
Responsibilities
- Lead pre-close security due diligence on prospective acquisitions, including threat modeling, assessing security controls, and delivering risk readouts to leadership.
- Drive post-close security integration by implementing static and dynamic analysis, tracking remediation, and onboarding acquired assets into Anthropic's security systems.
- Coordinate with adjacent security engineering teams (supply chain, cloud, detection & response) to ensure seamless integration of acquired entities.
- Formalize and scale the M&A security playbook, including risk-scoring models and diligence runbooks, utilizing Claude-powered tooling to automate processes.
- Contribute to core Application Security projects during quiet deal periods, such as secure design reviews and security automation roadmaps.
- Participate in the team's operational on-run rotation, including bug bounty escalations and incident response.
Requirements
- Hands-on experience in application and infrastructure security, specifically within cloud and containerized environments.
- Ability to rapidly assess unfamiliar codebases or architectures and produce clear, prioritized risk assessments for non-security stakeholders.
- Production-quality coding proficiency in at least one of Python, Go, Rust, or TypeScript.
- Practical threat-modeling and vulnerability-identification skills with a track record of reasoning about real-world bugs.
- Strong written and verbal communication skills for interacting with executives, legal teams, and external engineering counterparts.
- Ability to operate with high autonomy and manage sensitive, confidential information.
Preferred Qualifications
- 7+ years of experience in application security, security consulting, or security architecture.
- Prior experience in M&A security due diligence or technical third-party security assessments.
- Experience scaling SAST/DAST, bug bounty programs, or vulnerability management across multiple codebases.
- Proven track record of building security automation and tooling.
- Familiarity with using LLMs as a core part of a security workflow.
- Experience securing agentic, code-execution, or LLM-integrated systems.
About the Company
Anthropic is a public benefit corporation dedicated to creating reliable, interpretable, and steerable AI systems. Our mission is to ensure that AI is safe and beneficial for users and society as a whole. We are a growing team of researchers, engineers, and policy experts working at the forefront of AI safety and development.
ScoutJobs Agent
Get matches like this delivered daily
Sign up free β we'll pull jobs that fit your CV from across the web and rank them for you.
Get started β it's freeStaff+ Application Security Engineer - M&A
Anthropic Β· San Francisco
