Enterprise Security Engineer

Enterprise Security Engineer at OpenAI

Within the OpenAI Security organization, our IT team works to ensure our team of researchers, engineers, and staff have the tools they need to work comfortably, securely, and with minimal interruptions. As an Enterprise Security Engineer, you will work in a highly technical and employee-focused environment.

Our IT team is a small and nimble team, where you’ll have the opportunity to dive into a wide breadth of areas and build from the ground up. We’re well supported and well resourced, and have a mandate to deliver a world-class enterprise security program to our teams.

About The Role

As an Enterprise Security Engineer, you will be responsible for implementing and managing the security of OpenAI's internal information systems’ infrastructure and processes. You will work closely with our IT and Security teams to develop security capabilities, enforce security policies, and monitor internal systems for security threats.

This role is open to remote employees, or relocation assistance is available to San Francisco.

In This Role, You Will

• Develop and implement security measures to protect our company's information assets against unauthorized access, disclosure, or misuse.
• Monitor internal and external systems for security threats and respond to alerts.
• Contribute to and enforce our company's IT and Security policies and procedures.
• Work closely with our IT department to harden our infrastructure using best practices in AzureAD, GSuite, Github, and other SaaS tooling.
• Advise our employees on best practices for maintaining the security of their endpoints, and office AV and network infrastructure.
• Devise novel sharing controls and associated monitoring to protect company data, including intelligent groups management, Data Loss Prevention (DLP) and other security controls as appropriate.
• Employ forward-thinking models like “secure by default” and “zero trust” to create sustainably secure environments for knowledge workers and developers.
• Identify and remediate vulnerabilities in our internal systems, adhering to best practices for data security.
• Use our own AI-driven models to develop systems for improved security detection and response, data classification, and other security-related tasks.
• Educate employees on the importance of data security, and advise them on best practices for maintaining a secure environment.
• Contribute to OpenAI's endpoint and cloud security roadmaps by staying up to date with the latest security threats, and making recommendations for improving our security posture.

You Might Thrive In This Role If You Have

• Experience in protecting and managing macOS fleets.
• Experience deploying and managing endpoint security solutions (e.g. management frameworks, EDR tools).
• Experience with public cloud service providers (e.g. Amazon AWS, Microsoft Azure).
• Experience with identity and access management frameworks and protocols, including SAML, OAUTH, and SCIM.
• Experience with e-mail security protocols (e.g. SPF, DKIM, DMARC) and controls.
• Intermediate or advanced proficiency with a scripting language (e.g. Python, Bash, or similar).
• Knowledge of modern adversary tactics, techniques, and procedures.
• Ability to empathize and collaborate with colleagues, independently manage and run projects, and prioritize efforts for risk reduction.

Key skills/competency

• macOS Security
• Endpoint Security (EDR)
• Cloud Security (AWS, Azure)
• Identity & Access Management (IAM)
• Data Loss Prevention (DLP)
• Zero Trust Architecture
• Scripting (Python, Bash)
• Security Policies
• Threat Monitoring
• Vulnerability Management