Is the Platform Security Engineering - OpenBMC role remote?

It's hybrid — Anthropic expects some on-site time in San Francisco, USA.

What's the salary range?

Anthropic lists $405,000–$405,000 for this role.

How much experience is required?

At least 8 years of relevant experience for this Platform Security Engineering - OpenBMC role.

Where is the role based?

Anthropic is hiring for this position in San Francisco, USA.

What's the tech stack?

Joblaze extracted these technologies from the posting: C++, OpenBMC, OCP, OpenEmbedded, RDE, SPDM.

Does Anthropic sponsor work visas for this role?

Yes — the posting indicates visa sponsorship is available for the right candidate.

What seniority level is this role?

Anthropic targets senior candidates for this position.

Is this full-time or contract?

Full-time for this Platform Security Engineering - OpenBMC role at Anthropic.

Platform Security Engineering - OpenBMC at Anthropic

Joblaze summary

In this role, the engineer will focus on developing and securing OpenBMC firmware for Anthropic's server fleet, ensuring both functionality and robust security measures. Key skills include expertise in C/C++, Python, and experience with firmware security, particularly in the context of hardware interactions and management standards. This position is ideal for seasoned professionals with over eight years in systems security, particularly those with a strong background in firmware and hardware security. Anthropic's collaborative environment emphasizes high-impact AI research, making it a unique opportunity for those passionate about advancing AI safety.

Joblaze insights

Listed today on Joblaze — tracked directly from Anthropic's career page.
Anthropic has 406 other open roles including Contracts Manager, APAC, Contracts Manager, APAC, Commercial Counsel, APAC.
2493 active Python roles on Joblaze right now.
703 active C++ roles on Joblaze right now.
420 active Linux roles on Joblaze right now.
Salary band is above the typical range for Security roles (median ~$166,345).

Quick facts

Is the Platform Security Engineering - OpenBMC role remote?: It's hybrid — Anthropic expects some on-site time in San Francisco, USA.
What's the salary range?: Anthropic lists $405,000–$405,000 for this role.
How much experience is required?: At least 8 years of relevant experience for this Platform Security Engineering - OpenBMC role.
Where is the role based?: Anthropic is hiring for this position in San Francisco, USA.
What's the tech stack?: Joblaze extracted these technologies from the posting: C++, OpenBMC, OCP, OpenEmbedded, RDE, SPDM.
Does Anthropic sponsor work visas for this role?: Yes — the posting indicates visa sponsorship is available for the right candidate.
What seniority level is this role?: Anthropic targets senior candidates for this position.
Is this full-time or contract?: Full-time for this Platform Security Engineering - OpenBMC role at Anthropic.

From the original posting

About Anthropic

Anthropic’s mission is to create reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our users and for society as a whole. Our team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems.

About the role

Anthropic is standing up a founding team to own the OpenBMC-based management firmware running across its server fleet. You would be one of the first engineers on it. That means production firmware and manageability features (board bring-up through production) on one side, and hardening that firmware against sophisticated adversaries on the other.

Security is a first-class constraint in everything you ship: you'll write firmware to a high security bar and partner closely with our firmware security and hardware engineers on secure boot, signing, and attestation.

What You'll Do

Production and manageability:

Design, build, and ship OpenBMC firmware and manageability features for x86 and Arm (including GPU) platforms, from bring-up through production, using Yocto/OpenEmbedded
Build the management stack on DMTF/OCP standards (MCTP, PLDM, SPDM, Redfish, RDE) and IPMI/KCS: sensors, telemetry, inventory, logging, RAS
Implement BMC-to-BIOS/host communications, eSPI/LPC, thermal/fan/power management (PMBus)
Work the hardware/firmware boundary: I2C/I3C, SPI, PCIe, SMBus, device trees, U-Boot, Linux

Security and hardening:

Own the BMC security posture: secure and measured boot, root of trust, attestation (SPDM), authenticated update (PLDM FW Update), rollback protection, attack-surface reduction
Lead threat modeling and secure design reviews; run coordinated vulnerability disclosure with vendors and the upstream community
Build verification tooling: static analysis, fuzzing, firmware extraction, CI gating

Who You Are

8+ years of experience in systems security, with at least 5 years focused on firmware and hardware security (firmware, bootloaders, and OS-level security)
Strong technical cross-functional leadership skills, direction setting
Hands-on OpenBMC/BMC firmware experience on x86 and/or Arm, from bring-up through production with hands-on D-Bus/sdbusplus
Strong C/C++ and Python, deep Linux user-space/kernel fundamentals, and Yocto/OpenEmbedded proficiency
A security mindset applied to firmware, not bolted on afterward
Upstream contributions to OpenBMC, U-Boot, DMTF, or OCP
Working knowledge of out-of-band and in-band management, the relevant DMTF specs, and the device interfaces they run over
Strong debugging and a track record of shipping reliable, well-tested code.
Clear communication across internal teams and external vendors
Ability to work effectively across hardware and software boundaries
Knowledge of NIST firmware security guidelines and hardware security frameworks, specifically SP 800-193 and 800-147/155

Strong candidates may also have

Hardware roots of trust and attestation: Caliptra, OCP S.A.F.E., TPM/HRoT, SPDM
Memory-safe systems code in Rust or Zig
Firmware vulnerability research, reverse-engineering, or fuzzing
Previous work with AI/ML infrastructure security

Deadline to apply: None. Applications will be received on a rolling basis.

The annual compensation range for this role is listed below.

For sales roles, the range provided is the role’s On Target Earnings ("OTE") range, meaning that the range includes both the sales commissions/sales bonuses target and annual base salary for the role.

Annual Salary:

$405,000—$405,000 USD

Logistics

Minimum education: Bachelor’s degree or an equivalent combination of education, training, and/or experience

Required field of study: A field relevant to the role as demonstrated through coursework, training, or professional experience

Minimum years of experience: Years of experience required will correlate with the internal job level requirements for the position

Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices.

Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this.

We encourage you to apply even if you do not believe you meet every single qualification. Not all strong candidates will meet every single qualification as listed. Research shows that people who identify as being from underrepresented groups are more prone to experiencing imposter syndrome and doubting the strength of their candidacy, so we urge you not to exclude yourself prematurely and to submit an application if you're interested in this work. We think AI systems like the ones we're building have enormous social and ethical implications. We think this makes representation even more important, and we strive to include a range of diverse perspectives on our team.

Your safety matters to us. To protect yourself from potential scams, remember that Anthropic recruiters only contact you from @anthropic.com email addresses. In some cases, we may partner with vetted recruiting agencies who will identify themselves as working on behalf of Anthropic. Be cautious of emails from other domains. Legitimate Anthropic recruiters will never ask for money, fees, or banking information before your first day. If you're ever unsure about a communication, don't click any links—visit anthropic.com/careers directly for confirmed position openings.

How we're different

We believe that the highest-impact AI research will be big science. At Anthropic we work as a single cohesive team on just a few large-scale research efforts. And we value impact — advancing our long-term goals of steerable, trustworthy AI — rather than work on smaller and more specific puzzles. We view AI research as an empirical science, which has as much in common with physics and biology as with traditional efforts in computer science. We're an extremely collaborative group, and we host frequent research discussions to ensure that we are pursuing the highest-impact work at any given time. As such, we greatly value communication skills.

The easiest way to understand our research directions is to read our recent research. This research continues many of the directions our team worked on prior to Anthropic, including: GPT-3, Circuit-Based Interpretability, Multimodal Neurons, Scaling Laws, AI & Compute, Concrete Problems in AI Safety, and Learning from Human Preferences.

Come work with us!

Anthropic is a public benefit corporation headquartered in San Francisco. We offer competitive compensation and benefits, optional equity donation matching, generous vacation and parental leave, flexible working hours, and a lovely office space in which to collaborate with colleagues. Guidance on Candidates' AI Usage: Learn about our policy for using AI in our application process.