About the role
As part of the Anthropic security department, the compliance team understands security requirements for protecting customer information, AI systems, and corporate data as established by regulators, customers and (nascent) industry norms (which we also seek to influence). The compliance team uses this understanding to provide direction to internal partners on the priorities of security requirements they must meet. The compliance team assures regulators and customers that those expectations are met by earning security credentials and responding to direct inquiry about Anthropic's security program from auditors, customers, regulators, and partners.
This opportunity is unique, as we work to secure today’s most novel and valuable asset types, we must build a new kind of compliance program, safeguarding artificial intelligence capabilities.
Responsibilities:
- Plan and lead engagements with independent security assessors to earn certifications and attestations important to Anthropic’s customers in the EU.
- Understand the breadth of Anthropic’s security capabilities and how those capabilities address common security requirements in EU-specific security and privacy regulations.
- Support customers and prospective EU customers who have questions about or need commitments from Anthropic’s security program.
- Drive programs to improve the ease and rigor of Anthropic’s compliance to its security controls and standards.
- Contribute updates to policies capturing security and AI safety requirements specific to EU customers.
- Support maintenance of Anthropic’s system of controls through audit, record keeping, and communication.
You may be a good fit if you:
- Have been responsible for audit planning, evidence curation, document generation, and other procedures for compliance with industry standard security assessments, like ISO 27001.
- Engage confidently with customers, partners, and regulators to respond to their inquiries in written or verbal form
- Have built or significantly improved a common controls framework
- Write clear and useful security documentation
- Thrive in a fast-paced and growing organization
- Organize time-bounded tasks in delegated work streams across a diverse organization
- Are comfortable working in a distributed team
- Have 7+ years of experience in a role with similar responsibilities
Strong candidates may also have experience with:
- Be familiar with AWS / GCP security capabilities, especially identity and access management features.
- Understand development of large language models (LLMs)
- Have some experience implementing automated enforcement of security controls
Deadline to apply: None. Applications will be reviewed on a rolling basis.