OpenAI· Security· Remote - US, New York City, Seattle, and San Francisco
Principal Software Engineer, Infrastructure Security
Comp$347K – $490K
Classified Tasks (15)
Automate 0%Augment 67%Human-Only 33%
Augment (10)
AI assists, human decides
Design and implement planet-scale security systems across hardware, operating systems, Kubernetes, networks, and CI/CD while balancing security, reliability, latency, and developer ergonomics.
technical
Shape interfaces, migration plans, and safe rollout strategies across large fleets and critical workflows.
operational
Build or evolve security primitives including identity, attestation, authorization, encryption key lifecycle, and access mediation.
technical
Leverage frontier models and agents to develop automation and detection tooling that continuously identify and mitigate risks in large-scale cloud and on-prem environments.
technical
Conduct design reviews for major initiatives.
analytical
Create threat models for major initiatives.
analytical
Safeguard research and production environments including GPU supercomputing clusters, multi-cloud infrastructure, datacenters, networking, storage, and critical services.
operational
Protect bare-metal hardware, firmware, Kubernetes clusters, service meshes, and data pathways that carry sensitive model weights and user data.
technical
Ensure core security systems remain robust under intense scale and adversarial pressure.
operational
Ensure high standards of reliability, scalability, and software craftsmanship in core security services.
leadership
Human-Only (5)
Requires human judgment
Own the architecture and roadmap for one or more core security services, taking them from design to rollout to long-term operation.
leadership
Set technical direction and drive execution of critical foundational security services such as authentication systems, egress/ingress proxies, access brokers, and key management platforms.
leadership
Lead cross-functional launches with infrastructure and research engineering teams.
leadership
Drive closure on systemic security issues.
operational
Mentor engineers across InfraSec and partner teams to raise engineering quality, operational readiness, and secure-by-default practices.
leadership
Job description
Principal Software Engineer, Infrastructure Security | OpenAI Careers ## Principal Software Engineer, Infrastructure Security Security - Remote - US, New York City, Seattle, and San Francisco Apply now(opens in a new window) **About the Team** Security is at the foundation of OpenAI’s mission to ensure that artificial general intelligence benefits all of humanity. The Security team protects OpenAI’s technology, people, and products. We are technical in what we build but operational in how we execute, and we support every product and research effort at OpenAI. Our tenets include prioritizing for impact, enabling researchers and developers, preparing for future transformative technologies, and fostering a strong, collaborative security culture. **About the Role** OpenAI is seeking a Principal Software Engineer to join the Infrastructure Security (InfraSec) team. InfraSec safeguards the core of OpenAI’s research and production environments: GPU supercomputing clusters, multi-cloud infrastructure, datacenters, networking, storage, and the critical services that power our frontier AI models. Our charter spans everything from bare-metal hardware and firmware to Kubernetes clusters, service meshes, and the data pathways that carry highly sensitive model weights and user data. As a Principal Software Engineer, you will set technical direction and drive execution of critical foundational services, such as authentication systems, egress/ingress proxies, access brokers, and key management platforms, that demand high standards of reliability, scalability, and software craftsmanship. These systems form the security backbone of OpenAI’s customer and supercomputing environment and must remain robust under intense scale and adversarial pressure. **In this role, you will:** * Own the architecture and roadmap for one or more core security services (e.g., authN/Z, policy enforcement, secure proxies, key management), taking them from design to rollout to long-term operation. * Design and implement planet-scale security systems that provide strong guarantees across hardware, operating systems, Kubernetes, networks, and CI/CD: balancing security, reliability, latency, and developer ergonomics. * Lead cross-functional launches with infrastructure and research engineering teams, shaping interfaces, migration plans, and safe rollout strategies across large fleets and critical workflows. * Build or evolve security primitives (identity, attestation, authorization, encryption key lifecycle, access mediation) that become platform building blocks for OpenAI. * Leverage frontier models and agents to develop automation and detection tooling to continuously identify and mitigate risks in large-scale cloud and on-prem environments. * Lead design reviews and threat models for major initiatives, and drive closure on systemic issues. * Mentor engineers across InfraSec and partner teams, raising the bar on engineering quality, operational readiness, and secure-by-default practices. **You will thrive in this role if you have:** * Strong software engineering skills with a track record of shipping and operating reliable distributed systems in production. * Experience building or operating critical infrastructure, especially security infrastructure, at planet scale (e.g., auth services, service-to-service proxies, certificate or key-management systems). * Deep understanding of security principles, best practices, and common vulnerabilities. * Demonstrated ability to lead cross-team technical initiatives: setting direction, aligning stakeholders, driving execution, and delivering measurable outcomes. * Expertise and curiosity about using frontier models and agents to effectively solve security challenges. * Expertise in securing large-scale cloud platforms (e.g., Azure, AWS, GCP), including multi-cloud networks and cloud-agnostic system design. * A proactive mindset, with the ability to identify and address security