Key skills
PythonC++CGoRustAIArtificial IntelligenceOpenAIAWSAzureGCPKubernetesCI/CDCommunication
About this role
OpenAI is an AI research and deployment company dedicated to ensuring that general-purpose artificial intelligence benefits all of humanity. They are seeking a Security Software Engineer to join the Infrastructure Security team, where the role involves designing and building critical security services to safeguard OpenAI's research and production environments.
Responsibilities:
- Architect and implement production-grade security services (e.g., auth services, access brokers, secure proxies, key-management infrastructure) that provide strong guarantees across hardware, operating systems, Kubernetes, networks, and CI/CD
- Partner with infrastructure and research engineers to embed security into high-performance compute clusters, enabling rapid model training and deployment without compromising protection
- Develop automation and detection tooling to continuously identify and mitigate risks in large-scale cloud and on-prem environments
- Drive high-impact initiatives such as line-speed encryption, machine identity, and network isolation, continuously raising the security bar for emerging AI workloads
- Lead or participate in design reviews and threat models to ensure new systems launch with strong security foundations and operational excellence
Requirements:
- Strong software engineering skills in languages such as Python, Go, Rust, or C/C++, with a track record of shipping and operating high-reliability distributed services
- Experience building or operating critical security infrastructure (e.g., auth services, service-to-service proxies, certificate or key-management systems)
- Deep understanding of security principles, best practices, and common vulnerabilities
- Expertise in securing large-scale cloud platforms (e.g., Azure, AWS, GCP), including multi-cloud networks and cloud-agnostic system design
- Familiarity with container and orchestration security (Kubernetes, service meshes) and modern authentication/authorization standards (OIDC, mTLS, SPIFFE/SPIRE)
- A proactive mindset, with the ability to identify and address security gaps or inefficiencies through automation and tooling
- A track record of delivering scalable solutions and driving impactful changes across infrastructure in real-world projects
- Strong analytical and problem-solving skills, with an ability to think critically and objectively assess security risks
- Excellent communication skills, with the ability to convey complex security concepts to technical and non-technical stakeholders
- Excitement about collaborating with cross-functional teams to build secure, reliable systems that scale globally