Conducts deep investigations into sophisticated threat actors misusing AI models and targeting OpenAI, leveraging OSINT, telemetry, and scripting to identify disruptions. Builds scalable tooling and automations to enhance detection and safety, partnering cross-functionally for impact.
234k – 385k
RemoteSecurity Engineering
About the role
Responsibilities
Conduct deep, end-to-end investigations into sophisticated threat actors interacting with OpenAI's models, products, and broader ecosystem.
Think like an adversary—model attacker behavior, anticipate misuse patterns, and proactively hunt for, identify, and disrupt malicious activity.
Leverage internal telemetry, OSINT, vendor data, and in-house safety systems to produce high-confidence findings on adversarial use of our models in cyber operations, platform abuse, and threats targeting OpenAI.
Translate investigative findings into concrete improvements across detection, enforcement, intel, and safety pipelines.
Build tooling, scripts, automations, and agentic workflows that scale investigative throughput and reduce manual effort.
Prototype solutions in ambiguous and emerging problem spaces, including new product surfaces, novel attacker behaviors, and areas where existing coverage may be limited.
Partner closely with teams across Security, Safety Systems, Product Policy, and Integrity to operationalize findings and drive meaningful outcomes.
Produce clear, high-signal written outputs and recommendations that inform decision-making across technical and executive stakeholders.
Requirements
Experience in threat intelligence, incident response, offensive security, or a closely related field.
Solid experience investigating sophisticated threat actors, including model misuse, platform abuse, or other adversarial activity in complex environments.
Strong understanding of adversary behavior, infrastructure, and tradecraft, and the ability to apply that understanding to proactive investigations.
Demonstrated ability to independently drive deep technical investigations from ambiguous signals through to clear, actionable findings.
Experience using AI to extend or accelerate investigative workflows.
Strong scripting ability and comfort building lightweight automation, investigative tooling, or workflows that improve scale and repeatability.
Strong ability to leverage telemetry from diverse systems and vendors to drive investigations, including directly querying, extracting, and stitching together data where needed.
Strong written and verbal communication skills, especially the ability to translate technical investigations into high-signal outputs for diverse stakeholders.
Comfort operating independently in ambiguous, fast-moving problem spaces with minimal oversight.
Application Security Engineer identifies systemic security gaps, builds tooling and automation like custom linters and static analysis, conducts code reviews and threat modeling, and drives vulnerability remediation in a TypeScript/Python codebase. Requires 5+ years hands-on AppSec experience and strong engineering depth.
232k – 318k
On-site5+ YOESecurity Engineering
Security Engineer, Detection & Response
Scale AINew York, NY +3
Senior Security Engineer focused on building detection systems, incident response automation, and maturing telemetry pipelines across cloud environments. Requires 5+ years in detection engineering or security operations and production-grade coding skills.
238k – 297k
On-site5+ YOESecurity Engineering
Security Engineer, Infrastructure
Scale AISan Francisco, CA +2
Secures large cloud environments (AWS, Azure, GCP), orchestrates and secures compute/GPU clusters, and reviews infrastructure as code like Terraform. Requires expertise in cloud security, Kubernetes, NodeJS/TypeScript, and IaC tools.
238k – 297k
On-siteSecurity Engineering
Technical Abuse Investigator
OpenAISan Francisco, CA +1
Investigates and disrupts malicious use of OpenAI's AI platform using complex datasets and technical tools. Builds scalable solutions like SQL/Python pipelines to enhance team efficiency; requires 5+ years abuse investigation experience and technical projects.
230k – 425k
Hybrid5+ YOESecurity Engineering
Software Engineer, Scaled Abuse
OpenAISan Francisco, CA
Build and operate backend and data systems for real-time fraud/abuse detection, investigation, and enforcement at OpenAI. Requires 5+ years backend engineering and 2+ years fraud/abuse experience.