Forward Deployed Security Engineer

About the Role

The Security team at OpenAI is committed to supporting all products and research, with a focus on prioritizing impact, enabling researchers, and preparing for future transformative technologies. As a Forward Deployed Security Engineer, you will embed directly with strategic public sector customers, implementing and maintaining robust security controls and serving as a design and technical thought partner.

OpenAI's technology has the potential to transform industries and improve lives, but it also requires careful consideration of security risks. As a Forward Deployed Security Engineer, you will play a critical role in ensuring the security and integrity of OpenAI's technology, working to stay ahead of potential threats and continuously improving security measures.

What You Will Do

• Embed with strategic public sector customers to implement and maintain robust security controls
• Serve as a design and technical thought partner, leveraging security expertise in protective controls including access controls, authentication, encryption, network, and system security
• Collaborate closely with teammates, cross-functional teams, customers, and service providers to achieve security and compliance goals
• Ensure continuity of critical security and monitoring controls through routine security assessments, threat monitoring, and security validation exercises
• Develop and maintain comprehensive knowledge of modern adversary tactics, techniques, and procedures
• Work closely with engineering teams to ensure the overall security of deployments from design to production
• Participate in threat modeling and risk assessment exercises to identify potential security risks
• Develop and implement incident response plans to address security incidents
• Collaborate with other teams to develop and implement security training and awareness programs
• Stay up-to-date with the latest security technologies and trends, applying this knowledge to improve OpenAI's security posture

What We Are Looking For

• 5+ years of security engineering experience, with an emphasis on infrastructure security, application security, network security, datacenter security, and systems engineering
• Familiarity with deployment models, including to cloud platforms (Azure, AWS) and the underlying infrastructure primitives (Kubernetes, Terraform)
• Proficiency in programming languages such as Python, Golang, or similar
• A proven track record of developing high-quality, scalable, and secure infrastructure
• Experience with security operations including insider threat monitoring, network/endpoint detection and response, or red team or penetration testing operations
• Comprehensive knowledge of modern adversary tactics, techniques, and procedures
• The ability to work collaboratively and effectively in a cross-functional team environment
• Experience working in a fast-paced, dynamic environment with a high level of ambiguity
• Strong communication and problem-solving skills

Nice to Have

• An active US security clearance
• Experience working with public sector customers
• Familiarity with AI and machine learning technologies
• Experience with security compliance frameworks such as NIST or ISO 27001

Benefits and Perks

• Competitive salary and equity package
• Opportunity to work on cutting-edge AI technology
• Collaborative and dynamic work environment
• Flexible work arrangements, including remote work options
• Professional development opportunities, including training and conference sponsorships
• Access to state-of-the-art security tools and technologies
• Comprehensive health and wellness benefits, including medical, dental, and vision insurance
• Generous paid time off and holiday schedule
• 401(k) matching program

• Tip: Highlight your experience with security operations, including threat monitoring and incident response, to stand out in this role.
• Make sure to showcase your proficiency in programming languages such as Python or Golang, and your familiarity with cloud platforms like Azure or AWS.
• Be prepared to discuss your approach to security risk management and how you stay up-to-date with the latest security technologies and trends.
• Emphasize your ability to work collaboratively and effectively in a cross-functional team environment, and highlight any experience working with public sector customers.
• Consider including examples of your experience with security compliance frameworks, such as NIST or ISO 27001, to demonstrate your knowledge of security regulations and standards.
• Be prepared to provide specific examples of your experience with security tools and technologies, and be ready to discuss your approach to security testing and validation.
• Tip: Research OpenAI's company culture and values to understand their priorities and expectations, and be prepared to discuss how your skills and experience align with these values.