Security Engineer, Operating Systems

Position Overview

We're seeking an Operating Systems Security Engineer to harden and secure the operating system layer for Anthropic’s cutting‐edge AI infrastructure. This hands-on role involves designing and implementing hardened OS configurations, from kernel hardening to runtime protection. You will help build security infrastructure—including full-disk encryption, secure boot processes, and integrity monitoring—to ensure our systems can withstand sophisticated attacks while supporting research at an unprecedented scale.

Key Responsibilities

• Design and implement hardened OS configurations for AI workloads across diverse hardware platforms.
• Minimize attack surfaces by removing unnecessary components from kernelspace and userspace.
• Develop kernel security policies using SELinux, AppArmor, custom Linux Security Modules, and runtime enforcement mechanisms.
• Implement and maintain full-disk encryption solutions for diverse storage systems.
• Build security infrastructure for AI systems, research environments, and production services.
• Create OS-level attestation and integrity monitoring systems.
• Apply security patches, develop patches for custom kernel modules, and implement kernel hardening configurations.
• Design secure boot processes and trusted execution environments.
• Collaborate with container teams to ensure proper workload isolation at the kernel level.
• Design privilege separation and mandatory access control policies.
• Implement secure update mechanisms for OS components.
• Develop tooling for security configuration management and compliance verification.
• Serve as a subject matter expert for OS security questions and designs.

Required Qualifications

• 5+ years of experience in operating systems security or kernel development.
• Deep knowledge of Linux internals, including kernel subsystems and security frameworks (SELinux, AppArmor, seccomp, etc.).
• Experience with kernel hardening techniques and exploit mitigation.
• Strong programming skills in C and systems programming languages.
• Experience with eBPF for security monitoring and enforcement.
• Understanding of virtualization and containerization security.
• Proven ability to identify and fix OS-level security vulnerabilities.
• Experience with security-focused Linux distributions.

Preferred Qualifications

• Experience in kernel development or contributions to the Linux kernel.
• Experience with real-time or embedded operating systems.
• Knowledge of hardware security features and their OS integration.
• Familiarity with secure boot technologies.
• Experience with confidential computing and memory encryption technologies (SEV, TDX, SGX).
• Background in vulnerability research, exploit development, or fuzzing.
• Experience with formal methods for OS verification.
• Understanding of TPM, HSM, or secure enclaves for hardware security.

Benefits & Perks

• Competitive Compensation: $300,000—$405,000 USD annual salary.
• Inclusion in a total compensation package with equity, benefits, and possible incentive compensation.
• Visa sponsorship available with dedicated immigration support.
• Location-based hybrid policy requiring presence in office at least 25% of the time.
• Optional equity donation matching, generous vacation and parental leave, flexible working hours, and a collaborative office environment.