# Technical Threat Investigator, Threat Intel Engineering

**Company:** [OpenAI](https://hotfix.jobs/companies/openai)
**Location:** Remote
**Role:** Security Engineering
**Salary:** $234k – $385k/yr
**Skills:** Osint, Threat Intelligence, Incident Response, Offensive Security, Scripting, Automation, Telemetry Analysis, AI Workflows, Adversary Tradecraft, Investigative Tooling
**Posted:** 2026-04-30

> Conducts deep investigations into sophisticated threat actors misusing AI models and targeting OpenAI, leveraging OSINT, telemetry, and scripting to identify disruptions. Builds scalable tooling and automations to enhance detection and safety, partnering cross-functionally for impact.

## Job Description

## Responsibilities
- Conduct deep, end-to-end investigations into sophisticated threat actors interacting with OpenAI's models, products, and broader ecosystem.
- Think like an adversary—model attacker behavior, anticipate misuse patterns, and proactively hunt for, identify, and disrupt malicious activity.
- Leverage internal telemetry, OSINT, vendor data, and in-house safety systems to produce high-confidence findings on adversarial use of our models in cyber operations, platform abuse, and threats targeting OpenAI.
- Translate investigative findings into concrete improvements across detection, enforcement, intel, and safety pipelines.
- Build tooling, scripts, automations, and agentic workflows that scale investigative throughput and reduce manual effort.
- Prototype solutions in ambiguous and emerging problem spaces, including new product surfaces, novel attacker behaviors, and areas where existing coverage may be limited.
- Partner closely with teams across Security, Safety Systems, Product Policy, and Integrity to operationalize findings and drive meaningful outcomes.
- Produce clear, high-signal written outputs and recommendations that inform decision-making across technical and executive stakeholders.

## Requirements
- Experience in threat intelligence, incident response, offensive security, or a closely related field.
- Solid experience investigating sophisticated threat actors, including model misuse, platform abuse, or other adversarial activity in complex environments.
- Strong understanding of adversary behavior, infrastructure, and tradecraft, and the ability to apply that understanding to proactive investigations.
- Demonstrated ability to independently drive deep technical investigations from ambiguous signals through to clear, actionable findings.
- Experience using AI to extend or accelerate investigative workflows.
- Strong scripting ability and comfort building lightweight automation, investigative tooling, or workflows that improve scale and repeatability.
- Strong ability to leverage telemetry from diverse systems and vendors to drive investigations, including directly querying, extracting, and stitching together data where needed.
- Strong written and verbal communication skills, especially the ability to translate technical investigations into high-signal outputs for diverse stakeholders.
- Comfort operating independently in ambiguous, fast-moving problem spaces with minimal oversight.

## Similar roles

- [Application Security Engineer](https://hotfix.jobs/jobs/654d17d4-a8c2-4d1a-88e8-1de0082654bc) - Retool - San Francisco, CA - $232k – $318k/yr
- [Security Engineer, Detection & Response](https://hotfix.jobs/jobs/f9c29ac7-c370-4fa3-a943-0dadcf763dae) - Scale AI - New York, NY - $238k – $297k/yr
- [Security Engineer, Infrastructure](https://hotfix.jobs/jobs/50525415-b271-43ec-80ab-bfdaaec54a2b) - Scale AI - San Francisco, CA - $238k – $297k/yr
- [Technical Abuse Investigator](https://hotfix.jobs/jobs/83352ea4-ce7a-47a1-ab2e-f85293019e1e) - OpenAI - San Francisco, CA - $230k – $425k/yr
- [Software Engineer, Scaled Abuse](https://hotfix.jobs/jobs/732bab54-c578-4c2f-928e-cb75247fc80d) - OpenAI - San Francisco, CA - $230k – $385k/yr

**Apply:** https://hotfix.jobs/jobs/88a57973-f0ed-4382-af9a-a8c83c0461b5
**Canonical:** https://hotfix.jobs/jobs/88a57973-f0ed-4382-af9a-a8c83c0461b5