Systems Software Engineer, Security, First Party Hardware

About the Role

The role requires a deep understanding of hardware security, embedded security, and system security, as well as the ability to partner with vendors and contract manufacturers to turn security requirements into concrete deliverables. You will be accountable for driving security requirements, building and driving validation for security-critical hardware and firmware behavior, and investigating hardware and firmware security issues.

Openai's commitment to security is evident in its dedication to building AI-native compute systems that prioritize security from the ground up. As a Security Engineer, you will play a critical role in ensuring the integrity and security of these systems, working closely with the silicon, hardware, firmware, infrastructure, manufacturing, operations, and security teams.

What You Will Do

• Own security requirements, threat models, validation strategy, and launch-readiness evidence for first-party hardware platforms from early design through production deployment.
• Design and review secure boot, measured boot, roots of trust, platform firmware resilience, firmware signing, recovery, and anti-rollback strategies across heterogeneous devices.
• Own device identity, provisioning, enrollment, attestation, certificate lifecycle, and key-management requirements across manufacturing and data center bring-up.
• Harden management interfaces and operational access paths across BMCs, hosts, accelerators, switches, and service tooling, including TLS/mTLS, Redfish, gNMI, SSH, syslog, and break-glass workflows.
• Drive security requirements for manufacturing, supply chain, firmware/image signing, storage encryption, RMA, repair, and decommissioning processes.
• Build and drive validation for security-critical hardware and firmware behavior, including debug lockout, lifecycle transitions, update paths, attestation evidence, and recovery flows.
• Partner with vendors and contract manufacturers to turn security requirements into concrete deliverables, test evidence, and launch gates.
• Drive end-to-end closure across design, implementation, manufacturing readiness, deployment readiness, fleet operations, and incident response when security issues arise.
• Investigate hardware and firmware security issues, assess exploitability and operational risk, and drive durable fixes with engineering owners.

What We Are Looking For

• 7+ years of hands-on experience, or exceptional accomplishments demonstrating equivalent expertise, in hardware security, embedded security, firmware security, platform security, or low-level systems security.
• Experience shipping or securing real hardware platforms, embedded devices, servers, accelerators, networking systems, BMCs, bootloaders, BIOS/UEFI, RTOS, or firmware update systems.
• Deep familiarity with secure boot, measured boot, TPMs, hardware roots of trust, device attestation, key provisioning, debug interfaces, firmware signing, recovery, or lifecycle-state design.
• Strong applied-cryptography judgment for secure boot, attestation, TLS/mTLS, key storage, certificate lifecycle, storage encryption, and long-range transitions such as post-quantum readiness.
• Ability to read and write systems code in C, C++, or Rust and to use that skill to review, prototype, test, or debug security-critical behavior.
• Comfort with hardware and willingness to learn and adapt to new technologies and systems.

Nice to Have

• Experience with cloud-based infrastructure and containerization.
• Knowledge of DevOps practices and tools, such as CI/CD pipelines and automated testing.
• Familiarity with machine learning and AI principles.

Benefits and Perks

• Competitive salary and benefits package.
• Opportunity to work on cutting-edge AI technology and contribute to the development of secure AI-native compute systems.
• Collaborative and dynamic work environment with a team of experienced professionals.
• Flexible work arrangements, including remote work options.
• Access to ongoing training and professional development opportunities.
• Comprehensive health insurance and wellness programs.
• Generous paid time off and holiday schedule.
• Retirement savings plan and matching program.

• When applying for this role, be prepared to provide specific examples of your experience with hardware security, embedded security, and system security.
• Showcase your ability to communicate complex technical concepts to both technical and non-technical stakeholders.
• Highlight your experience with secure boot, device attestation, and hardware roots of trust, and be prepared to discuss your approach to these topics.
• Demonstrate your understanding of the current landscape of AI security and the role's requirements.
• Be prepared to discuss your experience with cloud-based infrastructure, containerization, and DevOps practices.
• Show enthusiasm for ongoing learning and professional development, and highlight any relevant certifications or training programs you've completed.