Software Engineer, Trusted Computing and Cryptography

About The Team

Security is at the foundation of OpenAI’s mission to ensure that artificial general intelligence benefits all of humanity. The Security team protects OpenAI’s technology, people, and products. We are technical in what we build but are operational in how we do our work, and are committed to supporting all products and research at OpenAI. Our Security team tenets include: prioritizing for impact, enabling researchers, preparing for future transformative technologies, and engaging a robust security culture.

About The Role

The Software Engineer, Trusted Computing and Cryptography role is an engineering and security position within the OpenAI Security organization. This team focuses on:

• Deploying high-performance cryptography at scale
• Key management (including secure offline physical backups, multi-party computation)
• Trusted hardware enclaves that enable everything from boot measurements to GPU confidential computation

We're looking for a software engineer to join our team at OpenAI to help us build out and secure our critical computing infrastructure, focusing on trusted computing and cryptography at scale.

This role may be based remotely in the US with occasional travel to our San Francisco HQ or other offices as needed by the team or role. We use a hybrid work model of 3 days in the office per week and offer relocation assistance to new employees.

In This Role, You Will

• Write high-quality, performance-critical code in Rust and Python.
• Work alongside researchers, engineers, and security experts to integrate and scale advanced cryptographic techniques into our production and research systems.
• Write foundational libraries to support cryptographic operations and ensure security best practices are embedded into our infrastructure.
• Design, implement, and maintain secure key management systems for production environments.
• Design and deploy systems that help us trust our infrastructure, using security primitives and technologies such as tpm2, Secure Boot, Nitro Enclaves, confidential computing, Intel SGX, and AMD-SEV.
• Research, design, and implement operating system-level security measures, such as remote attestation, runtime TPM measurement, and host integrity verification.

You Might Thrive In This Role If You

• Have extensive experience as a software engineer working on global-scale production systems.
• Are experienced in deploying cryptographic systems at scale, with a strong understanding of production cryptographic key management.
• Have familiarity with security primitives, including but not limited to TPM2, Secure Boot, secure enclaves, and confidential computing platforms.
• Have professional experience programming in Python and proficiency in Rust and/or C/C++.
• Own problems end-to-end and are willing to acquire any missing knowledge to get the job done.
• Have experience architecting, observing, and debugging production distributed systems.
• Exhibit a humble attitude, eagerness to help colleagues, and a commitment to the team’s success.
• Are self-directed and enjoy identifying the most important problems to tackle.
• Have experience rebuilding or significantly refactoring production systems to accommodate rapidly increasing scale.
• Have a good intuition for when off-the-shelf solutions will work and can quickly build tools to accelerate workflows when they won’t.

Key skills/competency

• Cryptography
• Trusted Computing
• Key Management
• Rust
• Python
• Distributed Systems
• Security Primitives (TPM2, Secure Boot)
• Confidential Computing
• Infrastructure Security
• System Architecture