Security Engineer: Detection and Response

Position Overview

Anthropic’s mission is to create reliable, interpretable, and steerable AI systems that are safe and beneficial for society. We are looking for an exceptional Detection and Response Engineer to join our rapidly growing team of researchers, engineers, policy experts, and business leaders. In this role, you will be on the frontlines building solutions that monitor threats, investigate incidents, and coordinate response efforts across disciplines – all while shaping our security capabilities alongside world-class experts.

Key Responsibilities

• Lead cybersecurity Incident Response efforts covering domains from external attacks to insider threats across all layers of Anthropic’s technology stack.
• Develop and deploy novel tooling, potentially leveraging Large Language Models, to enhance detection, investigation, and response capabilities.
• Create and optimize detections, playbooks, and workflows to quickly identify and respond to potential security incidents.
• Review Incident Response metrics and procedures, driving continuous improvement.
• Collaborate cross-functionally with other security and engineering teams.
• Participate in an on-call rotation to support incident response.

Required Qualifications

• 3+ years of software engineering experience (security experience is a plus) or 5+ years in detection engineering, incident response, or threat hunting.
• Solid understanding of cloud environments and operations.
• Experience working with engineering teams in a SaaS environment.
• Exceptional communication and collaboration skills.
• Ability to lead projects with little guidance and quickly pick up new languages and technologies.
• Proven experience in handling security incidents and investigating anomalies.
• Knowledge of EDR, SIEM, SOAR, or related security tools.
• Bachelor's degree in a related field or equivalent experience.
• Willingness to work under a location-based hybrid policy (at least 25% in-office).

Preferred Qualifications

• Experience performing security operations or investigations in large-scale Kubernetes environments.
• High proficiency in Python and query languages such as SQL.
• Experience analyzing attack behavior and prototyping high-quality detections.
• Background in threat intelligence, malware analysis, infrastructure as code, detection engineering, or forensics.
• Experience contributing to a high-growth startup environment.

Benefits & Perks

• Compensation: Annual salary of $320,000 - $405,000 USD.
• Competitive compensation and benefits.
• Optional equity donation matching.
• Generous vacation and parental leave.
• Flexible working hours.
• Lovely office space in our San Francisco headquarters.
• Visa sponsorship available (subject to role and candidate eligibility).