Technical Threat Investigator, Threat Intel Engineering

OpenAI · Remote (San Francisco)
Software Development

WFA Digital Insight

The remote job market for cybersecurity professionals is booming, with demand for threat intelligence specialists growing 27% in 2025. As AI becomes increasingly integral to business operations, companies like OpenAI are looking for skilled investigators to stay ahead of sophisticated threats. With the rise of AI-powered cyber attacks, this role is at the forefront of protecting not just OpenAI, but the broader ecosystem. Candidates should be prepared to demonstrate their technical expertise, investigative rigor, and ability to drive impact through durable solutions. Before applying, consider how your skills align with the evolving landscape of threat intelligence and AI.

Job Description

## About the Role

The Technical Threat Investigator role at OpenAI is a critical component of the company's security strategy, focusing on identifying and disrupting sophisticated adversaries targeting OpenAI's systems, models, and broader ecosystem. This is a deeply investigative role that requires a unique blend of technical depth, investigative rigor, and strong cross-functional partnerships. The successful candidate will be part of a team that combines technical expertise with strong analytical skills to uncover threats and drive impact across OpenAI's security and research organizations.

As a Technical Threat Investigator, you will be at the forefront of protecting OpenAI from capable threat actors, understanding their behavior, infrastructure, and emerging techniques. Your work will have a direct impact on the security and integrity of OpenAI's systems and models, ensuring that the company's mission to benefit humanity through artificial general intelligence is not compromised.

OpenAI's Threat Intelligence team operates with a high degree of autonomy, partnering closely with various teams across the organization to operationalize findings and drive meaningful outcomes. This collaboration is key to translating investigative findings into concrete improvements across detection, enforcement, intel, and safety pipelines.

## What You Will Do

  • Conduct complex, end-to-end investigations into sophisticated threat actors interacting with OpenAI's models, products, and ecosystem.
  • Proactively hunt for, identify, and disrupt malicious activity, modeling attacker behavior and anticipating misuse patterns.
  • Leverage internal telemetry, OSINT, vendor data, and in-house safety systems to produce high-confidence findings on adversarial use of OpenAI's models.
  • Translate investigative findings into durable solutions that scale impact, driving improvements across detection, enforcement, intel, and safety pipelines.
  • Build, own, and maintain lightweight tooling, automations, and workflows that make investigations faster, more repeatable, and more effective over time.
  • Partner with teams across Security, Safety Systems, Product Policy, and Integrity to operationalize findings and drive outcomes.
  • Produce clear, high-signal written outputs and recommendations that inform decision-making across technical and executive stakeholders.
  • Prototype solutions in ambiguous and emerging problem spaces, including new product surfaces, novel attacker behaviors, and areas where existing coverage may be limited.
  • Continuously update and refine your knowledge of adversary behavior, infrastructure, and tradecraft, applying this understanding to proactive investigations.

## What We Are Looking For

  • Experience in threat intelligence, incident response, offensive security, or a closely related field, with a solid understanding of sophisticated threat actors and their tactics.
  • Solid experience investigating model misuse, platform abuse, or other adversarial activity in complex environments, with the ability to apply that understanding to proactive investigations.
  • Demonstrated ability to independently drive deep technical investigations from ambiguous signals through to clear, actionable findings.
  • Experience using AI to extend or accelerate investigative workflows, with a strong scripting ability and comfort building lightweight automation and tooling.
  • Strong ability to leverage telemetry from diverse systems and vendors to drive investigations, including directly querying, extracting, and stitching together data where needed.
  • Strong written and verbal communication skills, especially the ability to translate technical investigations into high-signal output for both technical and executive stakeholders.
  • Ability to think like an adversary, modeling attacker behavior and anticipating misuse patterns to proactively identify malicious activity.

## Nice to Have

  • Experience working in a fast-paced, dynamic environment with a high degree of autonomy, where priorities can shift rapidly.
  • Knowledge of current AI-powered cyber threats and the evolving landscape of threat intelligence.
  • Participation in bug bounty programs or Capture The Flag (CTF) challenges, demonstrating an active engagement with the security and threat intelligence community.
  • Experience with cloud security, particularly in protecting AI models and data in cloud environments.

## Benefits and Perks

  • The opportunity to work on cutting-edge security challenges, protecting OpenAI's systems and models from sophisticated threats.
  • A highly competitive compensation package, including equity and comprehensive benefits.
  • Flexible, remote work arrangements, with the option to work from anywhere in the world.
  • Access to cutting-edge technologies and tools, with a strong focus on innovation and continuous learning.
  • A dynamic, collaborative work environment with a team of experienced security professionals.
  • Opportunities for professional growth and development, including training, mentorship, and career advancement opportunities.
  • Comprehensive health insurance, including medical, dental, and vision coverage.
  • Generous PTO and holiday schedule, allowing for a healthy work-life balance.

How to Stand Out

  • To stand out in your application, highlight specific examples of your experience investigating sophisticated threat actors and your ability to drive impact through durable solutions.
  • Be prepared to demonstrate your technical expertise, including your knowledge of adversary behavior, infrastructure, and tradecraft, as well as your experience with AI-powered investigative workflows.
  • Showcase your ability to communicate complex technical information to both technical and executive stakeholders, with clear, high-signal written outputs and recommendations.
  • Consider including examples of your work in bug bounty programs or CTF challenges, demonstrating your active engagement with the security and threat intelligence community.
  • Prepare to discuss your experience with cloud security, particularly in protecting AI models and data in cloud environments, and how you stay current with the evolving landscape of threat intelligence.
  • When negotiating salary, be prepared to discuss your expectations based on industry standards and your level of experience, as well as any additional benefits or perks you may be looking for.

This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere.