Cybersecurity Engineer, Safeguards

About the role

Safeguards’s Dangerous Asymmetric Harms team focuses on detecting and preventing harmful usage of Anthropic's AI services through technical safeguards and policy solutions. We work across three primary risk domains: CBRN (Chemical, Biological, Radiological, and Nuclear), Cyber, and Dangerous Asymmetric Advanced Technologies (DAAT).

This is a dual hatted technical and policy role, primarily focused on the technical side, which is creating and running cyber evaluations from low to catastrophic harms. You will also communicate and own policy boundaries for the most impactful technologies ever created. 

We are looking for a teammate who can execute rapidly, maintain high throughput, and bring a strong builder mindset to solving complex problems. The ideal candidate will be able to quickly prototype and iterate on evaluation infrastructure while maintaining high engineering standards. You'll be building systems to evaluate capabilities that have never existed before, requiring creative solutions and rigorous implementation.

Responsibilities:

• Design and implement robust evaluation infrastructure to measure model capabilities and risks across Cyber, CBRNE, and Dangerous Asymmetric Advanced Technologies, with a primary focus on Cyber.
• Independently build technical projects to build and scale evaluation systems that could become industry standards
• Help build and run systems that conduct deep automated analysis of cyber harm across all Anthropic surfaces
• Build evaluation infrastructure that scales across our sandboxing systems
• Test and measure AI capability uplift to anticipate, measure, and test Safeguards for CBRN, Cyber, and Dangerous Asymmetric Advanced Technologies, with a primary focus on Cyber
• Create and run evaluations independently to test cyber policies
• Design heuristics for prohibited and dual-use cyber categories for classifier training
• Partner with research and engineering teams to implement cyber safety systems
• Support AI uplift testing with operational insights on threat patterns

• Own policies for emerging technologies outside traditional cyber/CBRN frameworks
• Address critical blind spots at domain intersections (cyber-physical attacks, bio-cyber threats)
• Support explosive device policies and advanced delivery systems
• Create threat models for novel asymmetric technologies (drone swarms, space weapons, etc.)
• Coordinate with CBRN and Cyber Policy Managers on overlapping threats

You may be a good fit if you have:

Must-Haves:

• Familiar with basics of prompting large language models (LLM)
• Familiar with utilization of LLMs both as generative models to draw samples from and as classifiers
• Ability to come up with intelligent language model “pipelines” to automate tasks
• Very comfortable with Python - not just "able to code" but fluent in building complex systems
• Strong async Python skills - critical for scaling evaluations efficiently
• Hacker and fast prototyping mindset - experience finding vulnerabilities and thinking adversarially
• Self-sufficient builder - can create and run evaluations without engineering support
• Systems thinking - comfortable with complex setups and debugging

Key Attributes:

• Hacker mentality - relentlessly motivated to find gaps
• Curious and creative - approaches problems from unexpected angles
• Dependable under pressure - manages tight deadlines without dropping balls
• Technical depth with policy awareness - bridges both domains effectively

Preferred Qualifications:

• Hands on keyboard offensive security experience - background in penetration testing, red teaming, vulnerability research, and/or 
• Security certifications - SANS certifications, OSCP, or similar credentials, with a particular focus on ICS/SCADA systems
• Experience with AI evaluation benchmarks and frameworks
• Background in AI/ML security or adversarial testing
• Previous work at intersection of security and policy

Representative Projects

• Build infrastructure for running large-scale model evaluations across multiple risk domains
• Create tools for rapid evaluation prototyping and iteration
• Contribute to evaluation frameworks that could become industry standards
• Design and implement custom testing environments for specific capability assessments
• Develop monitoring and analysis systems for evaluation results
• Collaborate with domain experts to translate theoretical risks into practical tests, such as cyber ranges and autonomous replication environments

Candidates Need Not Have

• Domain expertise in specific risk areas
• 100% of the skills needed to perform the job
• Prior experience with AI model evaluation