Engineering Manager, Access Management

We are seeking a Security Engineering Manager to lead our Access Management team. This team builds and operates the systems that control who and what can access Anthropic's infrastructure, data, and AI systems — our policy-based authorization engine, our centralized access-request and provisioning platform, and the audit tooling that keeps these systems accountable. 

The central challenge is designing access controls that keep pace with Anthropic's rapid growth — scaling least-privilege enforcement across an expanding fleet of cloud infrastructure, AI systems, and SaaS tools while keeping engineers productive. 

This includes a problem few companies have encountered yet: deciding how AI agents that work autonomously alongside human engineers should be granted and reviewed for access. You'll lead a small, high-impact team today and grow it as the company scales, partnering closely with IT, Security, GRC, and engineering teams across the organization.

• Lead, mentor, and grow a team of security engineers building access management infrastructure; you'll own hiring as the team scales
• Own the technical roadmap for our authorization engine, access-request platform, and related access control systems — making strategic decisions about what to build based on security risk and engineering velocity
• Drive least-privilege enforcement across public workloads, employees, SaaS applications, and internal tools, systematically identifying and eliminating over-provisioned access
• Evolve the RBAC model, automated provisioning, and the access-request platform end-to-end — request workflows, approval chains, HRIS sync, two-party controls, and integrations with downstream systems 
• Contribute to the company's emerging agent access model — defining how AI agents are granted permissions and how those permissions are reviewed, so agents operate within the same least-privilege framework as human engineers
• Ensure access events are well-structured and queryable — building the data foundation that supports audit, access reviews, compliance reporting, and incident response
• Ensure the systems you build satisfy audit and regulatory requirements (SOC 2, ISO 27001, ISO 42001, HIPAA), partnering with GRC so compliance is a byproduct of good engineering rather than a separate workstream
• Partner across the organization with IT, GRC, People Operations, Security Engineering, Detection and Response, Research and Engineering teams to ensure access management serves the entire company while maintaining security foundations

• 4+ years managing security, identity, or infrastructure engineering teams with a proven track record of high impact
• Experience building or operating enterprise access management systems — identity providers, access request workflows, automated provisioning, or directory services
• Understanding of IAM concepts: RBAC, ABAC, least privilege, separation of duties, access certification, and privileged access management
• Ability to evaluate security tradeoffs and make risk-based decisions across complex cloud environments
• Strong cross-functional collaboration skills, balancing security requirements with developer experience and velocity
• Clear and persuasive communicator in both writing and verbal settings
• Passionate about building diverse, high-performing teams and growing engineers in a fast-paced environment
• Low ego and high empathy

• Experience delivering compliance-driven engineering projects (SOC 2, ISO 27001, ISO 42001, HIPAA) at a company undergoing rapid growth or regulatory maturation
• Familiarity with HRIS integrations for automated identity lifecycle management
• Experience implementing two-party control (dual approval) patterns for sensitive access
• Background in OAuth, OIDC, SAML, SCIM, or SPIFFE/SPIRE identity protocols
• Experience designing access management strategy for a company going through hypergrowth
• Understanding of common identity-based attack patterns — credential theft, lateral movement, privilege escalation — and how access controls mitigate them
• Experience with Google Workspace administration, GCP organization policies, or AWS IAM at scale

Deadline to Apply: None, applications will be received on a rolling basis.