
Compensation
$375,000-$455,000/yrDescription
About the role
We are looking for a threat intel manager to build and run our Influence Operations & Surveillance team within Threat Intelligence. This team detects, investigates, and disrupts the misuse of Anthropic's AI systems for influence operations, coordinated inauthentic behavior, and surveillance operations by authoritarian states and the commercial spyware ecosystem.
This is a ground-floor leadership role. The mission area today produces some of our most consequential casework and external reporting almost entirely through manual investigation; you will stand up its purpose-built detection capabilities, set the strategy for how a frontier AI company finds and counters state-linked information manipulation and surveillance misuse, and you'll personally be involved with the most complex investigations.
Important context: In this position you may be exposed to explicit content spanning a range of topics, including those of a sexual, violent, or psychologically disturbing nature. This role may require responding to escalations during weekends and holidays.
Key responsibilities
- Own strategy, priorities, and outcomes for the Influence Operations & Surveillance threat intel mission area
- Hire, manage, and develop a small team of technical threat investigators with IO and surveillance expertise
- Personally lead investigations into state-linked surveillance misuse including commercial spyware vendors and surveillance products whose end customers are authoritarian governments and AI-enabled influence campaigns
- Stand up the mission area's first automated detection: abuse signals, behavioral clustering, and coordinated-network detection tailored to information manipulation and surveillance tooling
- Conduct cross-platform analysis linking on-platform activity to broader campaigns across social media, messaging platforms, and the spyware supply chain
- Attribute campaigns to specific actors, with particular focus on state-sponsored operations from geopolitically significant regions
- Own external engagement: government partners, platform integrity teams, academic and civil-society researchers, and threat intelligence sharing communities
- Drive public and partner-facing reporting on AI-enabled IO and surveillance, and inform safety-by-design strategies as multimodal and agentic capabilities reshape the landscape
Minimum qualifications
- Have deep subject matter expertise in influence operations, coordinated inauthentic behavior, or state surveillance / commercial spyware ecosystems
- Have led investigative teams or threat intel teams.
- Have demonstrated proficiency in SQL and Python for data analysis and threat detection
- Have experience attributing campaigns to specific threat actors, including state-sponsored operations
- Have strong OSINT tradecraft for investigating online information ecosystems
- Have hands-on experience with large language models and how they can be weaponized for IO and surveillance
- Can present analytical work to technical and non-technical audiences, including government stakeholders and senior leadership
Preferred qualifications
- Experience at a major technology platform on influence operations, platform integrity, or content authenticity
- Background in intelligence analysis, information operations, or counter-disinformation in government or military contexts
- Experience investigating commercial spyware or surveillance-as-a-service vendors (e.g., civil-society or vendor-research backgrounds)
- Experience investigating operations linked to Chinese, Russian, Iranian, or other state-sponsored campaigns
- Fluency in Mandarin Chinese, Russian, Farsi, and/or Arabic with nuanced regional and geopolitical context
- Familiarity with social network analysis for mapping coordinated behavior
- Active Top Secret security clearance
Stack
- Posted
- Jul 8, 2026
- Last seen
- Jul 8, 2026
- First seen
- Jul 8, 2026


