OpenAI· Security· San Francisco, New York City, and Remote - US
Technical Threat Investigator, Threat Intel Engineering
Comp$230K – $385K
Classified Tasks (18)
Automate 0%Augment 61%Human-Only 39%
Augment (11)
AI assists, human decides
Investigate sophisticated threats targeting OpenAI’s technology, people, research, and infrastructure
analytical
Analyze threat actor behavior, infrastructure, emerging techniques, and how AI is integrated into attacker workflows
analytical
Model attacker behavior to anticipate misuse patterns
analytical
Anticipate misuse patterns and proactively hunt for malicious activity
operational
Identify malicious activity across product surfaces and operational environments
operational
Leverage internal telemetry, OSINT, vendor data, and in‑house safety systems to produce high‑confidence findings on adversarial use, platform abuse, and targeted threats
analytical
Translate investigative findings into concrete improvements across detection, enforcement, intelligence, and safety pipelines
operational
Build and own lightweight tooling, scripts, automations, and agentic workflows to scale investigative throughput and reduce manual effort
technical
Automate investigative processes where it matters to improve speed, repeatability, and effectiveness
technical
Create AI‑assisted workflows to accelerate and scale investigations
technical
Produce clear, high‑signal written outputs and recommendations to inform technical and executive decision‑making
communication
Human-Only (7)
Requires human judgment
Protect the company from sophisticated adversaries targeting OpenAI, its ecosystem, and misuse of models in support of cyber operations
operational
Conduct deep, complex, end-to-end investigations into capable threat actors interacting with OpenAI’s models, products, and ecosystem
analytical
Disrupt malicious activity and adversary operations targeting OpenAI
operational
Drive detection, disruption, enforcement, and safety improvements across the company using investigative insights
leadership
Prototype solutions in ambiguous and emerging problem spaces, including new product surfaces, novel attacker behaviors, and coverage gaps
creative
Partner closely with Security, Safety Systems, Product Policy, and Integrity teams to operationalize findings and drive measurable outcomes
communication
Deliver intelligence that shapes security strategy and equips leadership with timely, risk‑aware insights
leadership
Job description
Technical Threat Investigator, Threat Intel Engineering | OpenAI Careers ## Technical Threat Investigator, Threat Intel Engineering Security - San Francisco, New York City, and Remote - US Apply now(opens in a new window) **About the Team** Security is at the foundation of OpenAI’s mission to ensure that artificial general intelligence benefits all of humanity. The Threat Intelligence team protects OpenAI’s technology, people, research, and infrastructure by proactively identifying and disrupting adversaries who seek to compromise our systems or misuse our models. We investigate sophisticated threats, build tooling to scale and augment analysis, and deliver intelligence that shapes security strategy and equips leadership with timely, risk-aware insights. We combine technical depth, investigative rigor, and strong cross-functional partnerships to uncover threats and drive impact across OpenAI’s security and research organizations. **About the Role** As a Technical Threat Investigator at OpenAI, you will help protect the company from sophisticated adversaries targeting OpenAI and the broader ecosystem, as well as those attempting to misuse our models in support of cyber operations. This is a deeply investigative role. You will independently conduct complex, end-to-end investigations into capable threat actors to understand their behavior, infrastructure, emerging techniques, and how AI is integrated into their workflows. You’ll use these insights to proactively identify malicious activity and drive detection, disruption, enforcement, and safety improvements across the company. You’ll translate your investigative findings into durable solutions that scale impact. You’ll build and own lightweight tooling, automate where it matters, and create AI-assisted workflows to make investigations faster, more repeatable, and more effective over time. **In this role, you will:** * Conduct deep, end-to-end investigations into sophisticated threat actors interacting with OpenAI’s models, products, and broader ecosystem. * Think like an adversary — model attacker behavior, anticipate misuse patterns, and proactively hunt for, identify, and disrupt malicious activity. * Leverage internal telemetry, OSINT, vendor data, and in-house safety systems to produce high-confidence findings on adversarial use of our models in cyber operations, platform abuse, and threats targeting OpenAI. * Translate investigative findings into concrete improvements across detection, enforcement, intel, and safety pipelines. * Build tooling, scripts, automations, and agentic workflows that scale investigative throughput and reduce manual effort. * Prototype solutions in ambiguous and emerging problem spaces, including new product surfaces, novel attacker behaviors, and areas where existing coverage may be limited. * Partner closely with teams across Security, Safety Systems, Product Policy, and Integrity to operationalize findings and drive meaningful outcomes. * Produce clear, high-signal written outputs and recommendations that inform decision-making across technical and executive stakeholders. **You might thrive in this role if you have:** * Experience in threat intelligence, incident response, offensive security, or a closely related field. * Solid experience investigating sophisticated threat actors, including model misuse, platform abuse, or other adversarial activity in complex environments. * A strong understanding of adversary behavior, infrastructure, and tradecraft, and the ability to apply that understanding to proactive investigations. * Demonstrated ability to independently drive deep technical investigations from ambiguous signals through to clear, actionable findings. * Experience using AI to extend or accelerate investigative workflows. * Strong scripting ability and comfort building lightweight automation, investigative tooling, or workflows that improve scale and repeatability. * Strong ability t