Principal Security Engineer, Infrastructure Security
at OpenAI
📍 United States
📍 New York City, United States
📍 San Francisco, United States
📍 Seattle, United States
📍 New York City, United States
📍 San Francisco, United States
📍 Seattle, United States
USD 277,600-490,000 per year
Used Tools & Technologies
Not specified
Required Skills & Competences
Tag name is followed by "@" symbol and proficiency level value.
About proficiency levels:
- 1-2 — basic awareness. Minimal hands-on experience, and a rudimentary understanding of the technology's purpose;
- 3-6 — daily use. Comfortable and regular usage, capable of handling common tasks and challenges related to the technology;
- 7-9 — you are an expert, you can teach others, you know all the pitfalls and tricks;
- 10 — exceptional knowledge, comprehensive understanding, and adeptness in all aspects of the technology, including advanced problem-solving. Think twice before claiming or demanding such level.
Security @ 4
Kubernetes @ 4
CI/CD @ 4
Hiring @ 4
Leadership @ 7
AWS @ 4
Azure @ 4
Communication @ 7
Networking @ 4
Technical Leadership @ 7
GPU @ 4
AI @ 4
- 1-2 — basic awareness. Minimal hands-on experience, and a rudimentary understanding of the technology's purpose;
- 3-6 — daily use. Comfortable and regular usage, capable of handling common tasks and challenges related to the technology;
- 7-9 — you are an expert, you can teach others, you know all the pitfalls and tricks;
- 10 — exceptional knowledge, comprehensive understanding, and adeptness in all aspects of the technology, including advanced problem-solving. Think twice before claiming or demanding such level.
Details
OpenAI's Security team protects the company's technology, people, and products. The Infrastructure Security (InfraSec) team secures the foundations of OpenAI's research and production environments, spanning GPU supercomputing clusters, multi-cloud infrastructure, datacenters, networking, storage, and critical services. The role focuses on securing layers from hardware and firmware to Kubernetes clusters, service meshes, and data storage and access pathways for sensitive model weights and user data.
Responsibilities
- Own end-to-end security outcomes for one or more critical infrastructure areas, including multi-quarter strategy, roadmap, and delivery.
- Design and build security controls across diverse layers (physical hardware, firmware/BMC, OS, Kubernetes, networks, CI/CD) to defend against sophisticated adversaries and insider threats.
- Lead cross-functional programs to deploy security enhancements and control changes across broad-scale infrastructure, balancing security guarantees with reliability and velocity.
- Take a generalist approach to building security controls, combining security expertise with broad technical skillsets to adapt to evolving challenges.
- Lead and/or drive threat modeling and design reviews for major infrastructure changes, ensuring strong security foundations and operational excellence.
- Mentor and level up engineers across InfraSec and partner teams; contribute to a strong security culture through guidance, reviews, and technical leadership.
Requirements
- Deep understanding of security principles, best practices, and common vulnerabilities, including strong security judgment under ambiguity.
- Proactive mindset with the ability to identify and address security gaps or inefficiencies through automation and tooling.
- Expertise and curiosity about using frontier models and agents to effectively solve security challenges.
- Track record of leading large, cross-org initiatives from concept to rollout, including navigating tradeoffs, driving alignment, and delivering measurable risk reduction.
- Deep expertise in cloud platform security (examples called out: Amazon AWS, Microsoft Azure), especially securing multi-cloud networks and infrastructure and designing cloud-agnostic systems.
- Experience securing on-prem deployments and datacenters (from construction to multi-tenant use).
- Familiarity with container security, orchestration security, and authentication/authorization.
- Strong analytical and problem-solving skills and excellent communication skills for conveying complex security concepts to executive, technical, and non-technical stakeholders.
- Excitement about collaborating with cross-functional teams to build secure, reliable systems that scale globally.
About OpenAI & Hiring Notes
- OpenAI is an AI research and deployment company committed to safe development and deployment of general-purpose AI.
- Equal opportunity employer; various equity and inclusion statements included.
- Background checks will be administered in accordance with applicable law for US-based candidates; specific local fair chance ordinances are referenced.
- Applicants can request reasonable accommodations via provided links.
Benefits
- Base pay varies by market and individual factors; total compensation includes equity and potential bonuses.
- Medical, dental, and vision insurance with employer contributions to Health Savings Accounts.
- Pre-tax accounts: Health FSA, Dependent Care FSA, commuter expenses (parking and transit).
- 401(k) retirement plan with employer match.
- Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents); paid medical and caregiver leave (up to 8 weeks).
- Paid time off: flexible PTO for exempt employees; up to 15 days annually for non-exempt employees.
- 13+ paid company holidays and additional coordinated office closures; paid sick or safe time as required by law.
- Mental health and wellness support; employer-paid basic life and disability coverage.
- Annual learning and development stipend.
- Daily meals in offices and meal delivery credits as eligible.
- Relocation support for eligible employees.
- Additional taxable fringe benefits (charitable donation matching, wellness stipends) may be provided.