# Security Engineer, Detection and Response

**Company:** [OpenAI](https://hotfix.jobs/companies/openai)
**Location:** San Francisco, CA
**Role:** Security Engineering
**Salary:** $293k – $385k/yr
**Skills:** Kubernetes, AWS, Azure, GCP, Oci, Threat Detection, Incident Response, Threat Modeling, Detection Pipelines, Automation
**Posted:** 2026-01-28

> Builds and operates detection and response systems to protect OpenAI's sensitive assets across endpoints, cloud, Kubernetes, and datacenter infrastructure. Requires hands-on threat detection, incident response experience, and expertise in modern cloud platforms and automation.

## Job Description

## In this role, you will:
- Build and evolve Detection & Response capabilities across OpenAI’s infrastructure, products, and research environments, with an emphasis on high-signal detection and reliable operational response.
- Engineer detection pipelines and tooling: develop rule lifecycle management, measurement/quality loops (coverage, precision, latency), tuning processes, and safe rollout patterns.
- Automate response and investigations by building workflows that reduce toil (triage, enrichment, containment, evidence capture) and improve time-to-understand/time-to-contain.
- Partner with other Security teams and system/infrastructure owners across the company to ensure new systems ship with the right telemetry, threat models, and response playbooks from day one.
- Define D&R requirements and drive visibility across endpoints, identity, SaaS, cloud, Kubernetes: identify telemetry/control gaps, prioritize them, and advocate for fixes with partner teams (and implement directly when it’s the fastest/most effective path).
- Evaluate and respond to emergent security concerns in a frontier AI lab environment, such as detection and response strategies for agents operating across infrastructure at scale.

## You might thrive in this role if you:
- Have hands-on threat detection and/or incident response experience, including building detections, running investigations, and improving operational playbooks.
- Understand modern adversary tradecraft (TTPs) and can translate it into practical detection strategies and response actions.
- Bring a threat modeling mindset. You can evaluate new infrastructure or features, identify D&R implications (what could go wrong, what we’d need to see, how we’d respond), and turn that into concrete requirements for teams shipping the system.
- Have experience working in Kubernetes/containerized environments, including building detections from cluster telemetry and understanding common failure and attack modes (workloads, nodes, control plane, networking).
- Are comfortable reasoning about lower-level infrastructure and datacenter risks, such as firmware/BMC surfaces, network segmentation/telemetry, and hard-to-observe control paths.
- Have experience across major cloud platforms (Azure, AWS, GCP, OCI), and can design cloud-agnostic detection approaches where possible.
- Like building automation that replaces repetitive D&R work, including thoughtfully using agent-style workflows where they meaningfully reduce toil, while keeping outcomes measurable, auditable, and safe.
- Are energized by new problem areas at a forward-leaning technology company: e.g., thinking through how to detect and respond to agents operating across systems at scale, and turning those ideas into pragmatic telemetry and response requirements.
- Communicate clearly and collaborate well across teams. You can translate D&R needs into clear requirements, align stakeholders, and drive follow-through across technical and non-technical audiences.
- Are comfortable with scripting and enjoy using AI/agent tooling to accelerate investigations and automation—more “directing” than doing everything by hand.

## Similar roles

- [Security Engineer, Host Assurance](https://hotfix.jobs/jobs/b25f415d-5149-4104-a91a-384cc6f42e57) - OpenAI - San Francisco, CA - $293k – $385k/yr
- [Security Engineer, Agent Security](https://hotfix.jobs/jobs/dc83643f-9f40-4224-a248-6a53c33f06a2) - OpenAI - San Francisco, CA - $293k – $385k/yr
- [Researcher, Automated Red Teaming](https://hotfix.jobs/jobs/c8bad9d3-b859-4225-a74f-118514d784b4) - OpenAI - San Francisco, CA - $295k – $445k/yr
- [Security Engineer, Detection & Response](https://hotfix.jobs/jobs/8fbbaee5-e02c-4617-8eba-262d886cda43) - Anthropic - San Francisco, CA - $300k – $405k/yr
- [Threat Collections Engineer](https://hotfix.jobs/jobs/c0c31e7e-6d1b-48ef-a06a-69c21286e94b) - Anthropic - San Francisco, CA - $300k – $320k/yr

**Apply:** https://hotfix.jobs/jobs/b02c5533-5c6f-4a14-9352-1a06e1f7b1fd
**Canonical:** https://hotfix.jobs/jobs/b02c5533-5c6f-4a14-9352-1a06e1f7b1fd