Staff Security Engineer, Container & VM Security
The Rundown AI, Inc.San Francisco, CA, United States23 hours ago
Job type
- Full-time
Job descriptionHave 8+ years of experience in systems security, with deep expertise in virtualization and containerization security Possess expert-level knowledge of Linux kernel isolation mechanisms and have experience implementing them in production environments Have a proven track record of securing untrusted workloads in cloud settings, including both public cloud and private infrastructure Are proficient in multiple programming languages (e.g., Go, Rust, C / C++, Python) with experience in systems programming Have hands-on experience with container runtimes (Docker, containerd, CRI-O) and orchestration platforms (Kubernetes) Understand hypervisor internals and have experience with VM security (QEMU / KVM, Xen, VMware, Hyper-V) Can design and articulate complex threat models for distributed systems Have experience with cloud provider security models and their isolation guarantees Thrive in ambiguous environments and can balance security requirements with performance and usability needs Communicate effectively with both technical and non-technical stakeholders about security risks and mitigations Experience with microVM technologies (Firecracker, Cloud Hypervisor) and their security properties Knowledge of hardware-based security features (Intel TDX, AMD SEV, SGX) and their application to confidential computing Contributions to open-source security projects related to containerization or virtualization Experience with eBPF for security monitoring and enforcement Understanding of AI / ML workload characteristics and their unique security requirements Track record of identifying and responsibly disclosing security vulnerabilities in virtualization or container platforms Experience building security tooling and automation for large-scale infrastructure Background in formal verification or security research Designing a multi-layered sandboxing architecture that combines VMs and containers to safely execute untrusted AI-generated code Implementing runtime security policies using seccomp, AppArmor, and SELinux to minimize container attack surface Building a threat detection system that identifies potential container escape attempts using eBPF and kernel audit logs Creating secure defaults and guardrails for Kubernetes deployments to prevent privilege escalation and lateral movement Developing automated security testing for our sandboxing infrastructure to continuously validate isolation properties Architecting network isolation strategies using CNI plugins and cloud-native firewalling to segment workloads
About the Role
At Anthropic, we're building frontier AI systems that require unprecedented levels of security and isolation. We're seeking a Staff Security Engineer specializing in container and VM security to help us design and implement robust sandboxing solutions that protect our AI infrastructure from untrusted workloads while maintaining performance and usability.
In this role, you'll be at the forefront of securing our compute infrastructure, working with cutting-edge virtualization and containerization technologies. You'll architect secure-by-default systems that leverage Linux kernel isolation mechanisms, design threat models for complex distributed systems, and build defenses that can withstand sophisticated attacks. Your work will be critical in ensuring that our systems remain secure as we scale to support increasingly powerful models and diverse use cases.
Responsibilities
- Design and implement secure sandboxing architectures using virtualization (KVM, Xen, Firecracker, Cloud Hypervisor) and container technologies (OCI containers, gVisor, Kata Containers) to isolate untrusted workloads
- Develop deep expertise in Linux kernel isolation mechanisms including namespaces, cgroups, seccomp, capabilities, and LSMs (SELinux / AppArmor) to build defense-in-depth strategies
- Create comprehensive threat models for our sandboxing infrastructure, identifying attack vectors and designing mitigations for container escapes, VM breakouts, and side-channel attacks
- Build and maintain security policies and configurations for multi-tenant cloud environments, ensuring strong isolation between different workloads
- Partner with infrastructure teams to implement secure-by-default patterns for deploying and managing containerized and virtualized workloads at scale
- Develop monitoring and detection capabilities to identify potential security breaches or anomalous behavior within our sandboxed environments
- Lead security reviews of new sandboxing technologies and provide guidance on their adoption within our infrastructure
- Mentor other engineers on secure coding practices and sandboxing best practices
- Contribute to our security incident response efforts, particularly for isolation-related security events
- Collaborate with research teams to understand the unique security requirements of AI workloads and develop appropriate isolation strategies
You may be a good fit if you :
Strong candidates may also have :
Representative projects :
Deadline to apply : None. Applications will be reviewed on a rolling basis.
#J-18808-Ljbffr
Create a job alert for this search
Staff Security Engineer • San Francisco, CA, United States
Related jobs
Snap Inc () is a technology company.We believe the camera presents the greatest opportunity to improve the way people live and communicate.
Snap contributes to human progress by empowering people to...Show moreLast updated: 23 hours ago
Energy Jobline is the largest and fastest growing global Energy Job Board and Energy Hub.We have an audience reach of over 7 million energy professionals, 400,000+ monthly advertised global energy ...Show moreLast updated: 23 hours ago
Senior Or Staff Enterprise Security Engineer.Want to work on building out security from the ground up at the leading edge of AI in healthcare globally? We're looking for a very experienced and high...Show moreLast updated: 23 hours ago
LinkedIn is the world's largest professional network, built to create economic opportunity for every member of the global workforce.
Our products help people make powerful connections, discover exci...Show moreLast updated: 30+ days ago
Greylock has a long history of backing category-defining enterprise security companies such as Palo Alto Networks, Rubrik, and Wiz.
We recently invested in a next-generation cybersecurity startup th...Show moreLast updated: 23 hours ago Energy Jobline is the largest and fastest growing global Energy Job Board and Energy Hub.We have an audience reach of over 7 million energy professionals, 400,000+ monthly advertised global energy ...Show moreLast updated: 23 hours ago 
Staff Security Assurance Engineer (US).Citizenship is required for this position ==.The Databricks Security Assurance Team ensures that Databricks achieves and maintains critical third-party certif...Show moreLast updated: 23 hours ago
With more than 2 million nautical miles sailed and 50,000 days at sea, Saildrone has earned the trust of governments worldwide.
Our unmanned surface vehicles (USVs) deliver continuous, real-time int...Show moreLast updated: 23 hours ago
Okta is The World's Identity Company.We free everyone to safely use any technology, anywhere, on any device or app.Our flexible and neutral products, Okta Platform and Auth0 Platform, provide secur...Show moreLast updated: 23 hours ago Snap Inc () is a technology company.We believe the camera presents the greatest opportunity to improve the way people live and communicate.
Snap contributes to human progress by empowering people to...Show moreLast updated: 30+ days ago 
Coursera was founded in 2012 by Stanford professors Andrew Ng and Daphne Koller to make world-class learning accessible to everyone, everywhere.
Today, over 190 million learners and 375+ university ...Show moreLast updated: 30+ days ago
Founded in 2017, Obsidian Security was created to close a critical gap : securing the SaaS applications where modern business happens-platforms like Microsoft 365, Salesforce, and hundreds more.Back...Show moreLast updated: 30+ days ago
Pomelo Care is a multi-disciplinary team of clinicians, engineers and problem solvers who are passionate about improving care for moms and babies.
We are transforming outcomes for pregnant people an...Show moreLast updated: 23 hours ago
Snap Inc is a technology company.We believe the camera presents the greatest opportunity to improve the way people live and communicate.
Snap contributes to human progress by empowering people to ex...Show moreLast updated: 23 hours ago
We are open to hiring candidates to work out of one of the following locations : .Arlington, VA, USA | Redmond, WA, USA | San Francisco, CA, USA | Sunnyvale, CA, USA.
Project Kuiper is an initiative t...Show moreLast updated: 30+ days ago
Designed with simplicity in mind, Verkada's six product lines - video security cameras, access control, environmental sensors, alarms, workplace, and intercoms - provide unparalleled building secur...Show moreLast updated: 30+ days ago
At Parafin, we're on a mission to grow small businesses.Small businesses are the backbone of our economy, but traditional banks often don't have their backs.
We build tech that makes it simple for s...Show moreLast updated: 23 hours ago Energy Jobline is the largest and fastest growing global Energy Job Board and Energy Hub.We have an audience reach of over 7 million energy professionals, 400,000+ monthly advertised global energy ...Show moreLast updated: 23 hours ago
- Promoted
Security Engineer, Infrastructure Security, Level 5
SnapPalo Alto, CA, United StatesFull-time
- Promoted
Senior Staff Offensive Security Engineer (InfoSec) in Santa Clara
Energy Jobline ZRSanta Clara, CA, United StatesFull-time
- Promoted
Senior / Staff Enterprise Security Engineer
AbridgeSan Francisco, CA, United StatesFull-time
- Promoted
Senior Staff Security Engineer, Trust investigations
LinkedInMountain View, CA, United StatesFull-time
- Promoted
Staff Security Engineer (Founding Security Engineer)
Greylock PartnersSan Francisco, CA, United StatesFull-time
- Promoted
Staff Security Engineer in Mountain View
Energy Jobline ZRMountain View, CA, United StatesFull-time
- Promoted
Staff Security Assurance Engineer
DatabricksSan Francisco, CA, United StatesFull-time
- Promoted
Staff Security Engineer
Saildrone IncAlameda, CA, United StatesPermanent
- Promoted
Staff Security Engineer, TDI
Okta, Inc.San Francisco, CA, United StatesFull-time
- Promoted
Security Engineer, Enterprise Infrastructure Security, Level 5
SnapPalo Alto, CA, United StatesFull-time
- Promoted
Staff Security Engineer
CourseraMountain View, CA, United StatesFull-time
- Promoted
Staff Security Engineer - Corporate Security
Obsidian SecurityPalo Alto, CA, United StatesFull-time
- Promoted
Staff Security Engineer
Pomelo CareSan Francisco, CA, United StatesFull-time
- Promoted
Security Engineer, Infrastructure Security, Level 5
SnapchatPalo Alto, CA, United StatesFull-time
- Promoted
Sr. Security Engineer, Kuiper Security, Kuiper Security
AmazonSan Francisco, CA, United StatesPermanent
- Promoted
Staff+ Software Engineer, Security Infrastructure
VerkadaSan Mateo, CA, United StatesFull-time
- Promoted
Staff Security Engineer
Parafin IncSan Francisco, CA, United StatesFull-time
- Promoted
Staff Security Engineer in Alameda
Energy Jobline ZRAlameda, CA, United StatesPermanent