Used Tools & Technologies
Not specified
Required Skills & Competences
Each tag name is followed by an "@" symbol and a proficiency level value.
About proficiency levels:
- 1-2 — basic awareness. Minimal hands-on experience, and a rudimentary understanding of the technology's purpose;
- 3-6 — daily use. Comfortable and regular usage, capable of handling common tasks and challenges related to the technology;
- 7-9 — you are an expert, you can teach others, you know all the pitfalls and tricks;
- 10 — exceptional knowledge, comprehensive understanding, and adeptness in all aspects of the technology, including advanced problem-solving. Think twice before claiming or demanding such a level.
Security @ 3
Communication @ 3
Compliance @ 3
Codex @ 3
AI @ 3
Details
About the team
Governance, Risk, and Compliance (GRC) is foundational to Security delivering mission outcomes at OpenAI. The GRC team provides security assurances and builds compliance for OpenAI’s technology, people, and products. The team is technical in what it builds and operational in how it works, partnering with Product, Security, Legal, Privacy, GTM, and Field Security to help OpenAI move quickly while maintaining trust with customers, auditors, regulators, and the public.
About the role
This role is an individual contributor position focused on scaling OpenAI’s GRC function across product launches, regulatory readiness, and customer trust. You will partner closely with Product, Security, Legal, Privacy, Field Security, and GTM teams to ensure products launch with appropriate controls and that external narratives and customer-facing security and compliance materials are accurate and actionable. This role is explicitly not focused on supporting SOC/ISO audits; it is a cross-functional, operational role to enable fast, compliant product delivery without turning GRC into a bottleneck.
Responsibilities
- Own and improve the customer trust operating model: intake, triage, escalations, SLAs, metrics, and quality review.
- Support strategic customer trust needs, including security questionnaires, customer calls, Trust Center updates, and high-priority deal support.
- Partner with Product, Security, Legal, Privacy, and GTM teams to prepare accurate, approved trust materials for launches and regulated product changes.
- Build reusable customer-facing narratives, FAQs, evidence paths, and whitepapers to reduce one-off work while keeping claims controlled.
- Ensure external security and compliance claims are supported by internal processes and controls.
- Scale launch reviews so that GRC does not become a bottleneck for product launches and regulated product changes.
- Develop data handling guidance to provide product teams a paved path consistent with external commitments.
- Use automation and AI-native workflows across internal and external tooling (including Codex) to improve speed and consistency.
- Convert recurring customer discovery into reusable content, product feedback, evidence improvements, and control-gap signals.
Requirements
- Strong product assurance, product launch review, customer trust, security compliance, or enterprise trust experience in a technical environment.
- Ability to support GTM teams with accurate, approved, customer-facing security and compliance narratives.
- Sound judgment to distinguish what can be answered directly, what requires Product/Security/Legal review, and what should not be claimed externally.
- Experience building scalable operating models, metrics, content systems, and automation for repeated assurance workflows.
- Excellent written communication and ability to translate technical security concepts for customers, auditors, regulators, Sales, and Field Security.
- Technical fluency across SaaS, cloud, security controls, product launches, and enterprise assurance workflows.
- Experience scaling product launch reviews and handling regulated verticals (for example, Healthcare, Financial Services, Advertising).
- Comfortable using and automating with AI-native tools (Codex) to reduce manual review and automate launch review processes.
Benefits
- Base pay range: $216K–$252K (plus equity and additional total compensation components such as bonuses).
- Medical, dental, and vision insurance with employer contributions to Health Savings Accounts.
- Pre-tax accounts (Health FSA, Dependent Care FSA, commuter expenses).
- 401(k) with employer match.
- Paid parental leave and paid medical/caregiver leave.
- Flexible PTO for exempt employees and paid time off for non-exempt employees.
- 13+ paid company holidays and periodic company office closures.
- Mental health and wellness support; employer-paid basic life and disability coverage.
- Annual learning and development stipend; daily meals in offices and meal delivery credits as eligible.
- Relocation support for eligible employees.