Offensive Security Research Engineer, Safeguards

Anthropic
San Francisco, CA, USA2026-02-23

About the job

We are looking for vulnerability researchers to help mitigate the risks that come with building AI systems. One of these risks is the potential for LLMs to enable adversaries to cause harm by automating the attacks that today are carried out by human cybercrime groups, but in the future may be easily carried out by humans misusing LLMs. We are hiring security specialists who are experienced at exploitation and remediation, and are interested in understanding how LLMs could cause harm in the future, so that we can better prepare for this future and mitigate these risks before they arise.

Responsibilities

Triage any vulnerabilities discovered, coordinate and assist the external and open-source community in remediation

Write scaffolds designed to automate typical traditional attack techniques to help clarify our defensive problem selection

Research how adversaries might misuse LLMs to identify and exploit vulnerabilities at scale in the future

Develop promising defensive strategies that could mitigate the ability of adversaries to mis-use models in harmful ways

Work with a small, senior team of engineers and researchers to enact a forward-looking security plan

Qualifications

Minimum

3+ years experience with pentesting, vulnerability research, or other offensive security experience

Senior-level knowledge in at least one related topic area (reverse engineering, network security, exploitation, physical security)

A history demonstrating desire to do the “dirty work” that results in high-quality outputs

Software engineering experience

Demonstrated success in bringing clarity and ownership to ambiguous technical problems

Proven ability to lead cross-functional security initiatives and navigate complex organizational dynamics

Preferred

Published research papers on computer security, language modeling, or related topics; or given talks at Defcon, Blackhat, CCC, or related venues

Familiarity with large language models and how they work; for example, you may have written agent scaffolds

Reported CVEs, or been awarded for bug bounty vulnerabilities

Contributed to open-source projects in LLM- or security-adjacent repositories