Staff+ Application Security Engineer
About the role
Anthropic's Application Security team secures the systems that build, serve, and increasingly are Claude. The attack surface is unlike most AppSec work: multi-agent orchestration, sandboxed code execution, agents holding delegated credentials, untrusted tool output crossing trust boundaries — problems with little prior art and no off-the-shelf playbook.
The way the team works is also different. We use Claude as our primary tool across every part of the job: it drives our static analysis, drafts and fixes vulnerabilities as pull requests, performs first-line bug bounty triage, and assists threat modeling for design reviews. The human work is the judgment layer — system-level reasoning, deciding what matters, and building the next thing the model can't do yet.
This is a builder's role on a senior team. We hire engineers who ship production systems and clear a hands-on threat-modeling bar — people who can find the vulnerability but would rather build the system that finds them all. Every engineer owns a system end-to-end, and the team's work has shaped customer-facing product security — including Claude Code's security review tooling, its security guidance plugin, sandboxing, and auto mode.
Key responsibilities
- Design, build, and operate Claude-powered security systems — LLM-driven code analysis, automated vulnerability remediation, AI-assisted threat modeling — and own one or more of them end-to-end, including the cross-functional relationships that come with it
- Lead secure design reviews and threat modeling for novel AI systems, identifying risks that don't map to existing frameworks
- Evolve a public bug bounty program where automation handles routine triage and root-cause work, and engineers handle escalations and corner cases
- Partner with Product, Infrastructure, and Research teams as an embedded security owner — consulting on launches, shaping architecture, and influencing decisions where security is the constraint
- Share an operational on-run rotation with the rest of the team — bounty escalations, incident response, and launch consults on systems serving Claude in production
Minimum qualifications
- Hands-on application and infrastructure security experience, including cloud and containerized environments
- Production-quality coding ability in at least one of Python, Go, Rust, or TypeScript, with a track record of building durable systems rather than one-off scripts
- PRACTICAL practical threat-modeling and vulnerability-identification skills — you've found and reasoned about real bugs in real systems, even if breaking isn't your primary mode
- Demonstrated ability to operate with high autonomy and ambiguity — comfortable being handed a problem and a lot of latitude rather than a spec
- CLEAR clear technical communication with both engineers and leadership
Preferred qualifications
- 7+ years in application security, security engineering, or security-focused software engineering
- Already use LLMs as a core part of how you work, with opinions about where they help and where they don't
- Experience securing agentic, code-execution, or LLM-integrated systems specifically
- Prior ownership of a bug bounty program, vulnerability disclosure program, or vulnerability-management infrastructure at scale
- Background building security automation or developer-facing security tooling
- Offensive security or penetration testing experience