Agentic Risk Analyst

Responsibilities

• Build and maintain a company-wide portfolio of material agentic risks across OpenAI’s products, platforms, and emerging capabilities, mapping each risk to relevant workstreams, owners, mitigations, dependencies, decisions, and residual gaps.
• Run a cross-functional intake and review cadence for signals from across OpenAI and the broader ecosystem to identify emerging risks, evolving threat patterns, and important shifts in the agentic risk landscape, routing findings to the right owners and decision-makers.
• Connect individual incidents, technical findings, evaluations, and weak signals to broader system-level trends, producing clear assessments of impact, severity, evidence, uncertainty, priority, and recommended action.
• Assess how emerging capabilities, product changes, ecosystem developments, and adversary adaptation may affect current risk priorities and launch readiness, surfacing risks that are unowned, stalled, or under-mitigated for decision and escalation, and tracking residual risk after launch.
• Use relevant external developments across AI safety and security research, public incidents, adversarial activity, industry standards, emerging technologies, and competitor products as inputs to current risk prioritization and mitigation decisions.
• Apply and refine practical frameworks and taxonomies for current agentic failure modes, control gaps, abuse patterns, and potential downstream harms across products, deployment environments, and user workflows.
• Produce concise, decision-ready assessments that communicate key findings, assumptions, confidence levels, competing hypotheses, and prioritized recommendations for product, safety, security, policy, and leadership stakeholders.
• Define and track operating metrics for the agentic-risk program, including coverage, ownership, decision latency, mitigation status, and closure.
• Partner with colleagues who lead evaluations, scenario analyses, tabletop exercises, red-team campaigns, and investigations focused on agentic systems, using their findings to drive actionable mitigations, accountable ownership, and measurable follow-through.

Requirements

• Significant experience—typically 7+ years—in trust and safety, integrity, security, cyber threat intelligence, AI safety, product risk, strategic intelligence, abuse investigations, or a related field.
• Strong understanding of modern AI systems and agentic architectures, including hands-on experience using, evaluating, or building agentic systems.
• Familiarity with AI safety concepts, agentic failure modes, and misalignment risks; ability to reason about how agent objectives, incentives, environments, and system design choices may produce unintended or harmful outcomes.
• Demonstrated experience analyzing how harmful outcomes emerge from interactions between users, products, and technical systems, and assessing how increasingly capable agentic systems may amplify, automate, or transform existing abuse vectors such as fraud, scams, social engineering, coordinated influence operations, cyber abuse, or other forms of platform misuse.
• Experience operating a cross-functional risk, safety, security, or integrity program, clarifying ownership, resolving dependencies, escalating gaps, and driving follow-through without direct authority.
• Exceptional analytical judgment and experience producing assessments under uncertainty; ability to identify weak signals, develop and test hypotheses, distinguish signal from noise, communicate assumptions and confidence levels clearly, and update conclusions as new evidence becomes available.
• Strong technical fluency and comfort engaging deeply with engineers, researchers, and security practitioners; ability to translate technical findings into clear risk assessments.
• Comfort synthesizing data and evidence from multiple sources to manage a current risk portfolio, including investigations, telemetry, evaluations, experiments, dashboards, and external research. Experience using SQL, Python, and analytical tools is a plus.
• Experience applying risk frameworks, threat models, severity assessments, taxonomies, or prioritization frameworks to structure current operational ambiguity and support decision-making.
• Ability to communicate complex topics clearly and effectively, producing concise, executive-ready analysis and influencing stakeholders across technical and non-technical teams.
• Comfort thriving in fast-moving environments, balancing rigor with pragmatism while building lightweight operating processes and tools that improve organizational coordination and follow-through on material risks.