Principal Security Engineer, Infrastructure Security

Responsibilities

• Own the architecture and roadmap for one or more core security services (e.g., authN/Z, policy enforcement, secure proxies, key management), taking them from design to rollout to long-term operation.
• Design and implement planet-scale security systems that provide strong guarantees across hardware, operating systems, Kubernetes, networks, and CI/CD: balancing security, reliability, latency, and developer ergonomics.
• Lead cross-functional launches with infrastructure and research engineering teams, shaping interfaces, migration plans, and safe rollout strategies across large fleets and critical workflows.
• Build or evolve security primitives (identity, attestation, authorization, encryption key lifecycle, access mediation) that become platform building blocks for OpenAI.
• Leverage frontier models and agents to develop automation and detection tooling to continuously identify and mitigate risks in large-scale cloud and on-prem environments.
• Lead design reviews and threat models for major initiatives, and drive closure on systemic issues.
• Mentor engineers across InfraSec and partner teams, raising the bar on engineering quality, operational readiness, and secure-by-default practices.

Requirements

• Strong software engineering skills with a track record of shipping and operating reliable distributed systems in production.
• Experience building or operating critical infrastructure, especially security infrastructure, at planet scale (e.g., auth services, service-to-service proxies, certificate or key-management systems).
• Deep understanding of security principles, best practices, and common vulnerabilities.
• Demonstrated ability to lead cross-team technical initiatives: setting direction, aligning stakeholders, driving execution, and delivering measurable outcomes.
• Expertise and curiosity about using frontier models and agents to effectively solve security challenges.
• Expertise in securing large-scale cloud platforms (e.g., Azure, AWS, GCP), including multi-cloud networks and cloud-agnostic system design.
• A proactive mindset, with the ability to identify and address security gaps or inefficiencies through automation and tooling.
• Strong analytical and problem-solving skills, with an ability to think critically and objectively assess risks.
• Excellent communication skills, with the ability to convey complex security concepts to executive, technical, and non-technical stakeholders.