Head of Security Risk
Anthropic PBC - San Francisco, CA
Job Description
Responsibilities:
- Own and steer Anthropic's security risk management program end-to-end: risk intake, triage, assessment, quantification, treatment tracking, and reporting
- Manage and develop a small team of risk engineers, setting priorities, coaching on assessment methodology, and guiding the team through complex risk scenarios
- Design and operate the risk intake and triage process for ad hoc weaknesses, vulnerabilities, and risk submissions surfaced from across the company
- Partner with leadership to facilitate an enterprise forum for escalation, risk acceptance decisions, and strategic risk discussions
- Lead risk quantification efforts including stress testing, scenario modeling, and deep dives into novel risk areas, particularly AI-specific risks with limited precedent
- Oversee the execution of periodic and ad hoc security risk assessments across infrastructure, products, operations, and vendors
- Develop executive-level risk reporting and dashboards that give leadership clear visibility into top risks, trends, and program effectiveness
- Collaborate with various teams such as Engineering, Product, Compliance, Privacy, and Legal to ensure risk assessments reflect cross-functional perspectives and align with regulatory obligations (SOC 2, ISO 27001, HIPAA, EU AI Act, FedRAMP)
- Lead the response to newly identified enterprise-level security risks, coordinating rapid assessment and escalation when needed

You may be a good fit if you:
- Have 15+ years of experience in security or risk management disciplines, with at least 5-7 years in a people leadership role managing risk engineers or equivalent
- Have built, transformed, or significantly scaled a security risk management program at a high-growth technology company
- Have hands-on experience with quantitative risk analysis, including FAIR, scenario modeling, Monte Carlo simulation, or similar approaches
- Excel at engaging executives on risk decisions, translating complex technical risk scenarios into clear, business-relevant recommendations
- Have established risk governance structures (risk councils, steering committees, escalation frameworks) that earned leadership trust
- Are a genuine player-coach who leads from the front on the hardest problems while developing your team's capabilities
- Can write precise, compelling risk statements that convey technical depth while remaining accessible to diverse stakeholders

Strong candidates may:
- Bring deep expertise in risk assessment methodologies (NIST RMF, ISO 31000, FAIR, OCTAVE) and can adapt them to novel risk domains
- Have experience assessing AI-specific risks (model security, adversarial attacks, data pipeline integrity, prompt injection, training data provenance)
- Bring background in stress testing methodologies from financial services, critical infrastructure, or other high-stakes environments
- Have experience presenting to boards, executive risk committees, or senior leadership on enterprise risk posture
- Have experience with GRC platforms and risk management tooling (OneTrust, ServiceNow GRC, Archer, MetricStream, or similar)

Deadline to apply: None, applications will be received on a rolling basis.

The annual compensation range for this role is listed below.

For sales roles, the range provided is the role's On Target Earnings (
Created: 2026-02-04