Used Tools & Technologies
Not specified
Required Skills & Competences
Tag name is followed by "@" symbol and proficiency level value.
About proficiency levels:
- 1-2 — basic awareness. Minimal hands-on experience, and a rudimentary understanding of the technology's purpose;
- 3-6 — daily use. Comfortable and regular usage, capable of handling common tasks and challenges related to the technology;
- 7-9 — you are an expert, you can teach others, you know all the pitfalls and tricks;
- 10 — exceptional knowledge, comprehensive understanding, and adeptness in all aspects of the technology, including advanced problem-solving. Think twice before claiming or demanding such level.
Security @ 4
Leadership @ 4
Communication @ 7
Observability @ 4
AI @ 4
- 1-2 — basic awareness. Minimal hands-on experience, and a rudimentary understanding of the technology's purpose;
- 3-6 — daily use. Comfortable and regular usage, capable of handling common tasks and challenges related to the technology;
- 7-9 — you are an expert, you can teach others, you know all the pitfalls and tricks;
- 10 — exceptional knowledge, comprehensive understanding, and adeptness in all aspects of the technology, including advanced problem-solving. Think twice before claiming or demanding such level.
Details
About the Team
OpenAI’s Security organization exists to enable safe, responsible innovation at scale. As our systems, infrastructure, and research footprint grow, we invest deeply in world-class security capabilities that protect our people, products, and users without slowing progress.
This organization safeguards OpenAI’s environments by building advanced detection systems, driving real-time response capabilities, scaling telemetry and logging infrastructure, and delivering actionable threat intelligence to stay ahead of adversaries.
About the Role
We are seeking a Global Detection and Response Lead to own and scale OpenAI’s cybersecurity detection and response operations. In this role you will set the strategy and drive execution for security monitoring, incident response, recovery, and post-incident improvements across our global infrastructure. You will be a hands-on leader with deep technical credibility and strong operational instincts. You will build and mentor high-performing teams, partner closely with Infrastructure, Research, Product Security, Enterprise Security, IT, and Engineering, and ensure that detection and response capabilities are embedded by design into the systems that power OpenAI.
This is a strategic and practical leadership role requiring deep technical credibility, operational rigor, and the ability to build high-performing teams in a fast-moving environment.
Responsibilities
- Oversee global detection and response operations, including continuous monitoring, triage, investigation, containment, and remediation of security events across diverse networks and infrastructure.
- Lead, mentor, and directly manage several small teams of senior engineers across observability, detection and response, and threat intelligence. Hire and scale these functions as OpenAI’s compute footprint and platform ambitions grow.
- Ensure operational rigor and readiness through management of incident playbooks, on-call and escalation paths, tabletop exercises, and continuous improvement of response quality and speed.
- Improve detection quality and coverage by partnering with engineering teams to ensure critical telemetry is available, reliable, and actionable across cloud, corporate, and production environments.
- Partner across OpenAI to evaluate and respond to emergent security concerns in a frontier AI lab environment (e.g., detection/response strategies for agents operating across infrastructure at scale).
- Build a world-class security program capable of withstanding tier-1 adversaries by maximally embracing internal models to solve frontier security problems.
Requirements
- 10+ years in cybersecurity with deep expertise in detection engineering, incident response, and security operations.
- Active U.S. Government security clearance (Top Secret) or willingness and eligibility to obtain one.
- Deep experience building and leading detection and response, instrumentation/observability, and threat intelligence teams across a global footprint, including airgapped and sovereign environments.
- Exceptional leadership skills and a demonstrated history of driving durable, continuous improvements to programs, processes, and people.
- Strong written and verbal communication skills; ability to remain calm under pressure and run command of security incidents involving numerous stakeholders across diverse teams and seniority levels.
- Deep expertise in modern observability stacks (for example, SIEM, data lakes, EDR, cloud telemetry, logging) and detection primitives.
- Solid understanding of modern adversary tradecraft (TTPs) and demonstrated experience translating it into practical detection strategies and response actions.
Benefits
- Base pay range: $347,000 – $490,000 (San Francisco). Offers equity and may include performance-related bonus(es).
- Medical, dental, and vision insurance with employer contributions to Health Savings Accounts.
- Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses.
- 401(k) retirement plan with employer match.
- Paid parental leave (up to 24 weeks birth parents; up to 20 weeks non-birthing parents) and paid medical/caregiver leave.
- Flexible PTO for exempt employees and up to 15 days annually for non-exempt employees; 13+ paid company holidays and additional office closures.
- Mental health and wellness support; employer-paid basic life and disability coverage.
- Annual learning and development stipend; daily meals in offices and meal delivery credits as eligible.
- Relocation support for eligible employees.
- Additional taxable fringe benefits (charitable donation matching, wellness stipends, etc.).