Security Program Manager

Summary

Join OpenAI's Security team as a Security Program Manager and play a critical role in securing our most important product launches. You will lead cross-functional security reviews, collaborate with engineers and stakeholders, and ensure that all products meet our security standards before release. This role demands ownership of the end-to-end security process, resolving risks and bugs, and maintaining comprehensive documentation. You will communicate security posture to executive stakeholders and work with product and engineering teams to integrate security seamlessly into the development lifecycle. Your work will directly impact the safety and trustworthiness of OpenAI's products. This position requires a strong background in security program management and the ability to navigate complex technical environments.

Requirements

• Have a strong background in security program management, product security, or security operations in fast-paced technical environments
• Are comfortable acting as the glue across multiple security functions and able to speak fluently across technical teams
• Thrive in ambiguous situations and bring structure and calm to fast-moving teams
• Have experience running product launch reviews, security sprints or incident-like response processes with accountability and rigor
• Know how to balance risk and velocity, and are skilled at making (and communicating) tradeoffs under pressure
• Are a proactive communicator who builds trust quickly, earns follow-through, and drives toward secure outcomes
• Are excited to work on launch-critical systems that shape how OpenAI products are secured and deployed

Responsibilities

• Own security readiness for high-priority launches, coordinating reviews and driving resolution of risks and blockers
• Orchestrate cross-functional security reviews with stakeholders from AppSec, InfraSec, GRC and Offensive Security
• Oversee the resolution of bugs, risks, and exceptions, and maintain clear documentation throughout the launch process
• Own and evolve our launch-readiness process which includes defining criteria, codifying playbooks and reducing ambiguity
• Communicate security posture to executive stakeholders with clarity and context
• Partner with product and engineering leads to make security an unblocker—not a bottleneck