Security Software Engineer, Platform Integration

<div class="content-intro"><h2><strong>About Anthropic</strong></h2> <p>Anthropic’s mission is to create reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our users and for society as a whole. Our team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems.</p></div><h2><strong>About the role</strong></h2> <p>Anthropic’s mission requires the ability to defend our compute resources against all types of adversaries. Meeting that bar requires more than trustworthy hardware, it requires a software stack to consume the trust primitives the platform produces: device identities, attestation evidence, integrity manifests, DICE chains, topology claims, debug-state assertions, encryption posture, etc.</p> <p>This role makes sure that all the security-relevant system state that needs to be attested to is properly accounted for in a robust and comprehensive manner, and used appropriately for authorization decisions in production.</p> <h2><strong>Key responsibilities</strong></h2> <p>You will be the technical owner of Anthropic's <strong>platform trust integration surface</strong>, the host-side stack that ingests trust primitives produced by hardware and converts them into production gates for workloads. Concretely:</p> <ul> <li><strong>Attestation verification pipeline.</strong> Consume trusted reference integrity manifests for every component in the TCB. Validate measurements end-to-end, surface drift, and gate workload placement on attestation outcomes.</li> <li><strong>DICE chain consumption.</strong> Integrate with iRoT-rooted DICE chains where exposed, and define what Anthropic requires of partners where they aren't yet.</li> <li><strong>Dynamic root-of-trust and late-launch integration.</strong> Working with other security engineers to ensure Anthropic's host software stack securely leverages DRTM primitives, and work with silicon vendors and firmware maintainers to address gaps in relevant technologies.</li> <li><strong>Interconnect topology validation.</strong> Build the tooling to validate interconnect topology claims for multi-node workloads and catch deviations before they reach production.</li> <li><strong>CPU and interconnect encryption posture.</strong> Validate that CPU and interconnect encryption are enabled and attestable on a given system; own Anthropic's position on performance tradeoffs and multi-node attestation integration work.</li> <li><strong>Debug-disable verification.</strong> Define automated mechanisms to prove hardware debug mechanisms are disabled in production.</li> <li><strong>Ensure devices/peripherals are appropriately covered.</strong> Accelerators are an essential component of AI workloads. We must ensure that platform trust extends to all relevant components, and the channels between them, too.</li> </ul> <p>This is an IC engineering role not a PM role. You will write code, own services, and be accountable for the correctness of Anthropic's platform trust pipeline in production. You'll operate at the interface between Platform Security Engineering and the rest of Anthropic.</p> <h2><strong>Minimum qualifications</strong></h2> <ul> <li>Deep systems software engineering experience with kernel, firmware, or low-level platform code.</li> <li>Understanding of hardware as encountered in modern server platforms, and implications of trust relationships within.</li> <li>Working knowledge of modern attestation primitives: RoTs, TPMs, DICE, SPDM, measured boot, DRTM across major CPU architectures, reference integrity manifest best practices, remote attestation protocols and design patterns.</li> <li>Ability to read vendor documentation critically and identify gaps between <em>what the spec claims</em> and <em>what can actually be relied on in production</em>.</li> <li>Strong ownership disposition: comfortable being the one accountable for a capability landing, including when it requires pushing partners.</li> <li>Supply-chain attestation work (SPDM, TCG provenance, pre-delivery identity bootstrapping beyond TOFU).</li> <li>Familiarity with relevant standards from TCG (TPM, DICE, etc.), IETF (RATS WG, SEAT WG, etc.), DMTF (SPDM, etc.), etc.</li> <li>History of shipping security-critical code in production at scale.</li> </ul><div class="content-pay-transparency"><div class="pay-input"><div class="descrip