Enterprise Security Engineer

Summary

Join OpenAI's IT team as an Enterprise Security Engineer and contribute to a world-class enterprise security program. You will implement and manage the security of OpenAI's internal information systems, collaborating with IT and Security teams to develop security capabilities and enforce policies. This role involves developing and implementing security measures, monitoring systems for threats, contributing to IT and Security policies, hardening infrastructure, advising employees on security best practices, devising novel sharing controls, employing forward-thinking security models, identifying and remediating vulnerabilities, using AI-driven models for improved security, and educating employees on data security. The position offers remote work options or relocation assistance to San Francisco. You will work in a highly technical and employee-focused environment within a small and nimble team.

Requirements

• Experience in protecting and managing macOS fleets
• Experience deploying and managing endpoint security solutions (e.g. management frameworks, EDR tools)
• Experience with public cloud service providers (e.g. Amazon AWS, Microsoft Azure)
• Experience with identity and access management frameworks and protocols, including SAML, OAUTH, and SCIM
• Experience with e-mail security protocols (e.g. SPF, DKIM, DMARC) and controls
• Intermediate or advanced proficiency with a scripting language (e.g. Python, Bash, or similar)
• Knowledge of modern adversary tactics, techniques, and procedures
• Ability to empathize and collaborate with colleagues, independently manage and run projects, and prioritize efforts for risk reduction

Responsibilities

• Develop and implement security measures to protect our company's information assets against unauthorized access, disclosure, or misuse
• Monitor internal and external systems for security threats and respond to alerts
• Contribute to and enforce our company's IT and Security policies and procedures
• Work closely with our IT department to harden our infrastructure using best practices in AzureAD, GSuite, Github, and other SaaS tooling
• Advise our employees on best practices for maintaining the security of their endpoints, and office AV and network infrastructure
• Devise novel sharing controls and associated monitoring to protect company data, including intelligent groups management, Data Loss Prevention (DLP) and other security controls as appropriate
• Employ forward-thinking models like “secure by default” and “zero trust” to create sustainably secure environments for knowledge workers and developers
• Identify and remediate vulnerabilities in our internal systems, adhering to best practices for data security
• Use our own AI-driven models to develop systems for improved security detection and response, data classification, and other security-related tasks
• Educate employees on the importance of data security, and advise them on best practices for maintaining a secure environment
• Contribute to OpenAI's endpoint and cloud security roadmaps by staying up to date with the latest security threats, and making recommendations for improving our security posture

Benefits

This role is open to remote employees, or relocation assistance is available to San Francisco