Security Engineer, Detection and Response

Responsibilities

• Build and evolve detection and response capabilities across infrastructure, products, and research environments.
• Engineer detection pipelines and tooling, including rule lifecycle management and quality measurement loops.
• Automate response and investigations by building workflows to reduce toil in triage, enrichment, and containment.
• Partner with infrastructure owners to ensure new systems include necessary telemetry, threat models, and response playbooks.
• Define requirements and drive visibility across endpoints, identity, SaaS, cloud, and Kubernetes environments.
• Evaluate emergent security concerns, such as detection strategies for AI agents operating at scale.

Requirements

• Hands-on experience in threat detection and incident response, including building detections and running investigations.
• Strong understanding of modern adversary tradecraft (TTPs) and how to translate it into detection strategies.
• Experience working in Kubernetes and containerized environments, including cluster telemetry and attack modes.
• Proficiency with major cloud platforms such as Azure, AWS, GCP, or OCI.
• Ability to apply a threat modeling mindset to evaluate new infrastructure and features.
• Strong scripting skills and experience building automation to replace repetitive tasks.

About the Company

OpenAI is an AI research and deployment company dedicated to ensuring that general-purpose artificial intelligence benefits all of humanity. We push the boundaries of the capabilities of AI systems and seek to safely deploy them to the world through our products.