Anthropic

Threat Collections Engineer

Anthropic
remote mid full-time $300,000 - $320,000 USD San Francisco, CA, Washington, DC
Apply →

First indexed 8 Mar 2026

Description

About Anthropic

Anthropic's mission is to create reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our users and for society as a whole. Our team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems.

About the Role

We are looking for a Threat Collections Engineer to join our Threat Intelligence team. In this role, you will build the infrastructure that powers our threat discovery capabilities—integrating external data sources, developing detection systems for automated lead generation, and creating internal tooling that scales our investigators' impact.

This is a foundational engineering role on a small, high-impact team. You will take projects from proof-of-concept to production, work closely with investigators to understand their needs, and help scale what may become a multi-person collections function.

Responsibilities:

  • Build automated detection systems that use disparate signals to identify abusive behaviour.
  • Take systems from idea to proof-of-concept to production-grade with appropriate monitoring, documentation, and maintenance processes
  • Develop and maintain YARA rule infrastructure, including tools for writing, validating, and testing rules against real data
  • Create integrations with external threat intelligence platforms (e.g. VirusTotal, Censys, Urlscan) via MCP servers to enable multi-source correlation during investigations
  • Build data pipelines that ingest intelligence from RSS feeds, CTI news sources, and partner sharing, using Claude to extract TTPs and generate targeted hunting queries
  • Develop behavioural analytics capabilities using DBT-based frameworks and create searchable audit logging infrastructure
  • Establish feedback loops with investigators to tune detection systems and reduce false positives
  • Scrape and normalise data from external sources to feed threat detection and enrichment workflows

You may be a good fit if you:

  • Have strong coding proficiency in Python and SQL for building detection logic, data pipelines, and automation
  • Have experience with data pipeline orchestration tools (Airflow, DBT, or similar)
  • Have familiarity with threat intelligence concepts including IOCs, YARA rules, and threat correlation techniques
  • Have experience integrating external APIs and building data ingestion systems
  • Can translate investigator needs and workflows into technical requirements
  • Are comfortable building v0 systems and iterating based on user feedback
  • Have strong communication skills for working closely with non-engineering stakeholders

Strong candidates may also have:

  • Experience with threat intelligence sharing frameworks (e.g. MISP, STIX/TAXII)
  • Background in cyber threat intelligence, security operations, or abuse detection
  • Experience building MCP servers or similar tool integrations for AI systems
  • Familiarity with web scraping and data extraction at scale
  • Experience with behavioural analytics or anomaly detection systems
  • Understanding of LLM capabilities and how to leverage them for automation
  • A Top Secret Clearance

Deadline to apply:

None. Applications will be reviewed on a rolling basis.

Logistics

Education requirements: We require at least a Bachelor's degree in a related field or equivalent experience. Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices.

Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this.

We encourage you to apply even if you do not believe you meet every single qualification.** Not all strong candidates will meet every single qualification as listed. Research shows that people who identify as being from underrepresented groups are more prone to experiencing imposter syndrome and doubting the strength of their candidacy, so we urge you not to exclude yourself prematurely and to submit an application if you're interested in this work. We think AI systems like the ones we're building have enormous social and ethical implications. We think this makes representation even more important, and we strive to include a range of diverse perspectives on our team.

Your safety matters to us.** To protect yourself from potential scams, remember that Anthropic recruiters only contact you from @anthropic.com email addresses. In some cases, we may partner with vetted recruiting agencies who will identify themselves as working on behalf of Anthropic. Be cautious of emails from other domains. Legitimate Anthropic recruiters will never ask for money, fees, or banking information before your first day. If you're ever unsure about a communication, don't click any links—visit anthropic.com/careers directly for confirmed position openings.

How we're different

We believe that the highest-impact AI research will be big science. At Anthropic we work as a single cohesive team on just a few large-scale research efforts. And we value impact — advancing our long-term goals of steerable, trustworthy AI — rather than work on smaller and more specific puzzles. We view AI research as an empirical science, which has as much in common with physics as it does with computer science.

This listing is enriched and indexed by YubHub. To apply, use the employer's original posting: https://job-boards.greenhouse.io/anthropic/jobs/5074937008