Safeguards Enforcement Analyst, Account Takeover & Credential Abuse
About the role
As a Safeguards Enforcement Analyst on the account abuse team, you'll build and execute enforcement workflows that keep our products safe, with a focus on detecting and mitigating potential harm. Your initial focus will be account compromise: Anthropic's enforcement systems have to distinguish customers whose accounts have been compromised from actors abusing the platform — and today those two populations can look identical in the data.
Responsibilities
- Investigate credential-compromise incidents across first-party and third-party platforms, tracing actor behavior across accounts and surfaces.
- Design and operate remediation workflows for compromised accounts: revocation, customer notification, and standards for restoring access.
- Partner with Engineering and Data Science teams to improve how we separate compromised-customer traffic from willful abuse.
- Enforce usage policies with a focus on detecting and mitigating potentially harmful use of AI systems.
- Work with threat intelligence on emerging credential-abuse patterns and the actors behind them.
- Support the Safeguards policy design team by providing detailed feedback on policy gaps based on real enforcement scenarios.
- Write the policy framework for compromise scenarios, including cases where Anthropic can't independently verify a customer's security posture.
- Act as the enforcement SME when account compromise intersects with active abuse investigations.
Requirements
- Experience in trust and safety, fraud investigation, security operations, or a related field.
- Subject matter expertise in one or more of: account takeover, credential abuse, session security, or incident response.
- Experience designing or operating enforcement, remediation, or customer-recovery flows — not just detection.
- Comfort using data (SQL or similar tools) to trace actor behavior across accounts and to measure what's working.
- A thoughtful perspective on the tension between protecting the platform and restoring access for legitimate compromised customers.
- Strong written communication skills, with experience producing clear briefs about messy incidents for technical and non-technical stakeholders.
- Excellent judgment and the ability to collaborate with team members while navigating rapidly evolving priorities and workstreams.
Qualifications
- Familiarity with credential-theft ecosystems or threat intelligence tooling.
- Experience working with fraud/risk vendors (e.g., device or network intelligence platforms).
- Experience with API platform abuse specifically, not just consumer-account ATO.
- A deep interest in AI safety and responsible technology development.
- Experience writing effective prompts for generative AI systems in a content review or enforcement context.
Pay
The annual compensation range for this role is $245,000—$285,000 USD.
Schedule
We currently expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices.
Benefits
We offer competitive compensation and benefits, optional equity donation matching, generous vacation and parental leave, flexible working hours, and a lovely office space in which to collaborate with colleagues.
Guidance on Candidates' AI Usage
Please learn about our policy for using AI in our application process.