Enterprise Security Lead

About the Team

OpenAI’s Security organization supports the mission of deploying AGI for the benefit of all by ensuring the confidentiality, availability, and integrity of OpenAI’s technology, people, and products. Within the Security organization, the IT team ensures our diverse team of researchers, engineers, and staff have the tools they need to work comfortably, securely, and with minimal interruptions.

The Enterprise Security team is responsible for securing OpenAI’s a multitude of environments, including endpoint fleets, corporate systems, lab and test environments, on-premises hardware, identity and access management systems, SaaS applications, and user-facing infrastructure. The team works tirelessly to design, implement, and enforce modern security controls that protect sensitive data and ensure operational resilience from the most dedicated adversaries. We partner deeply with teams across the company to build secure defaults, scale security capabilities, and enable a productive, trusted workplace for OpenAI employees.

About the Role

As the Enterprise Security Engineering Lead, you will lead the team responsible for securing OpenAI’s internal enterprise environments. You’ll define and execute a security strategy that balances protection, user experience, and operational scalability. This includes hardening endpoints and SaaS infrastructure, building identity and access capabilities, implementing zero trust principles, and using AI to innovate new security controls. You will be the first line of defense against sophisticated and persistent adversaries targeting OpenAI.

You will manage and grow a team of engineers, partner with senior stakeholders across the company, and drive initiatives that meaningfully improve OpenAI’s security posture. This is a hands-on leadership role: while your primary responsibility will be setting direction and managing execution, you must have a strong technical foundation and be able to engage deeply on complex security challenges.

This role is based in San Francisco, CA. We use a hybrid work model of 3 days in the office per week and offer relocation assistance to new employees.

In this role, you will:

• Lead and grow a top-tier team of security engineers; set strategy, cultivate operational excellence, and coach with high empathy and high standards.

• Own the enterprise defense mission end-to-end across macOS, Windows, Linux, labs, novel devices, servers, networks, SaaS, and bespoke infrastructure.

• Lead efforts to build secure, reliable, novel, and scalable internal security capabilities to advance the art of defense.

• Spearhead the design and implementation of defense in depth, assume breach, and zero trust principles across the enterprise environment.

• Partner closely with other security teams to prevent, detect, and respond to sophisticated adversaries targeting our information systems.

• Foster strong cross-functional partnerships to ensure we stay the most productive, high-velocity, secure AI lab in the world.

• Continually stay ahead of emerging threats and trends to keep OpenAI’s enterprise environment secure and resilient.

• Champion the use of AI and automation to improve security posture and response time.

You might thrive in this role if you:

• Have at least 6+ years managing exceptional, high-agency security teams in high-growth, cloud-first environments.

• Lead with clarity, empathy, and a focus on enabling the team and mission’s success..

• Have hands-on experience fighting real adversaries and turning hard-won lessons into architecture and controls.

• Have deep experience with at least one major OS platform (e.g., Windows, macOS, Linux), fleet management, identity and access management frameworks, and SaaS application hardening.

• Have expertise in common security controls and tooling including endpoint detection and response (EDR), MDM frameworks, network security, and zero trust architectures.

• Deep understanding of identity protocols (SAML, OAUTH, SCIM) and e-mail security controls (SPF, DKIM, DMARC).

• Have deep experience with at least one major hyperscaler cloud platform (e.g., Azure, AWS, GCP).

• Are comfortable collaborating at speed across a diverse set of teams to enable secure, high-speed business operations.

• Are able to balance strategic thinking with hands-on engagement.

Nice to have:

• U.S. Security Clearance and/or eligibility and willingness to obtain one

• Familiarity with regulatory frameworks and compliance requirements.

• Proficiency with Python, Bash, or similar scripting languages for automation.

• Experience in offensive security, penetration testing, or offensive network operations.

• Background in security incident response, threat modeling, or security architecture

About OpenAI

OpenAI is an AI research and deployment company dedicated to ensuring that general-purpose artificial intelligence benefits all of humanity. We push the boundaries of the capabilities of AI systems and seek to safely deploy them to the world through our products. AI is an extremely powerful tool that must be created with safety and human needs at its core, and to achieve our mission, we must encompass and value the many different perspectives, voices, and experiences that form the full spectrum of humanity. 

We are an equal opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, sex, sexual orientation, age, veteran status, disability, genetic information, or other applicable legally protected characteristic.

For additional information, please see OpenAI’s Affirmative Action and Equal Employment Opportunity Policy Statement.

Qualified applicants with arrest or conviction records will be considered for employment in accordance with applicable law, including the San Francisco Fair Chance Ordinance, the Los Angeles County Fair Chance Ordinance for Employers, and the California Fair Chance Act. For unincorporated Los Angeles County workers: we reasonably believe that criminal history may have a direct, adverse and negative relationship with the following job duties, potentially resulting in the withdrawal of a conditional offer of employment: protect computer hardware entrusted to you from theft, loss or damage; return all computer hardware in your possession (including the data contained therein) upon termination of employment or end of assignment; and maintain the confidentiality of proprietary, confidential, and non-public information. In addition, job duties require access to secure and protected information technology systems and related data security obligations.

To notify OpenAI that you believe this job posting is non-compliant, please submit a report through this form. No response will be provided to inquiries unrelated to job posting compliance.

We are committed to providing reasonable accommodations to applicants with disabilities, and requests can be made via this link.

OpenAI Global Applicant Privacy Policy

At OpenAI, we believe artificial intelligence has the potential to help people solve immense global challenges, and we want the upside of AI to be widely shared. Join us in shaping the future of technology.