Jobs › Staff+ Security Engineer, Risk Engineering
Staff+ Security Engineer, Risk Engineering
Role at a glance
- Category
- Risk
- Work arrangement
- On-site
- Location
- San Francisco, CA
- Salary range
- $320,000
- Posted
- Jun 13, 2026
Anthropic is hiring a Staff+ Security Engineer, Risk Engineering in San Francisco, CA. This is a Risk role in the governance, risk, and compliance field, with a posted range of $320,000. Review the full details below and apply directly with Anthropic.
About Anthropic Anthropic’s mission is to create reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our users and for society as a whole. Our team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems. About the role The Security Risk team is responsible for how Anthropic identifies, prioritizes, and drives treatment of its most important security risks. We are rebuilding risk management to operate as an engineering function through automation and AI-native platforms to enable decision making. The systems we assess span Anthropic’s full security landscape, from authorization primitives to cryptographic foundations, so the team needs breadth across domains and the ability to go deep in any of them. Security Risk, in deep partnership with Security Engineering, will help define the security program to shape how both engineers and non-engineers build and ship software. The conventional GRC playbook was not built for a company shipping frontier AI. You will help define what replaces it, with a direct line to CISO-level decisions and the mandate to build the AI-native platform underneath. You’ll work across a breadth of areas from identity and secrets management to infrastructure security, with your focus shaped by your strengths, ability to learn quickly, and the team’s priorities. This is largely greenfield work, and you will help define the architecture and discipline. Key responsibilities Take ownership of Anthropic’s most complex security risk problems and drive them end to end with minimal oversight, turning ambiguous signals into a defensible view of severity and likelihood and seeing them through escalation, treatment decisions, and remediation Build the systems that make risk measurable and let risk work scale, including quantification tooling, automated intake and triage, and the observability that partner teams use to understand their own risk posture Work alongside Security Engineering as a calibrated technical peer who pressure tests architectures and treatment plans, translates findings into prioritized remediation roadmaps, and makes the investment case for what to fix now, what to accept and track, and what to defer Mentor engineers and risk practitioners across Security and the broader engineering organization, and help build a risk engineering culture in which teams own their risks and our team provides the
Full responsibilities and requirements are on Anthropic's application page.
Apply for this role →Location and market context
This role is based in San Francisco, CA on-site. Local candidates benefit from being close to Anthropic's teams and regional hiring market. Confirm the exact in-office expectation and any relocation support with the employer.
About risk management roles
Risk roles own the methodology for identifying, assessing, and escalating enterprise, operational, and technology risk. Second-line teams set risk appetite and challenge the first line. Roles like this one are typically evaluated against frameworks such as enterprise and operational risk frameworks, NIST AI RMF, and risk-appetite and escalation practices.
How to position yourself for this risk management role
Strong candidates emphasize risk assessment methodology, appetite and escalation, cross-functional partnership, and clear reporting to senior leadership and the board. In your resume and outreach, tie your experience to how Anthropic would apply enterprise and operational risk frameworks, NIST AI RMF, and risk-appetite and escalation practices, and lead with concrete outcomes rather than duties.
Similar GRC roles
More GRC jobs: All GRC roles · Browse by category & location