Jobs · Customer Service · Washington

Security Engineer, Host Assurance

OpenAI · Seattle, WA · 4 days ago
HybridCustomer Service$293k–$385k/yrFull-time

About The Team

Security is foundational to OpenAI’s mission to ensure that artificial general intelligence benefits all of humanity. The Security organization protects OpenAI’s technology, people, and products by building and operating deeply technical systems that must work reliably at massive scale. Our work underpins OpenAI’s commitments around safety, privacy, and security across research, products, and emerging platforms.

The Host Assurance team exists to make bare metal a dependable, scalable foundation for OpenAI: secure by default, verifiable in practice, and resilient across providers and operating models. We operate at the trust boundary between physical hardware and cloud-scale orchestration, ensuring that hosts are eligible to safely run workloads with predictable security properties and auditability.

About The Role

OpenAI is seeking a Security Engineer, Host Assurance to help build the trust foundations for bare-metal platforms across OpenAI’s global infrastructure. This is a deeply hands-on engineering role for a builder who can design, implement, and operate the core security infrastructure that establishes trust in hardware platforms before they are eligible to run workloads.

  • Success in this role requires strong technical judgment, the ability to work comfortably at low levels of the stack, and a practical mindset for building systems that are secure, reliable, and usable in fast-moving production environments.

  • The systems you build will sit on the critical path of OpenAI’s frontier infrastructure investments and will directly shape how large amounts of compute are brought online - securely, responsibly, and at global scale - underpinning long-lived commitments around privacy, security, and reliability.

  • You will partner closely with infrastructure, research, and confidential computing initiatives—including novel hardware platforms and emerging deployment models— to make the secure path the easiest path.

  • This role is well suited for engineers who enjoy working across trust services, operating systems, hardware and firmware validation, and infrastructure security, and who are excited by ambiguous, high-impact problems at the boundary of hardware and large-scale systems.

Responsibilities

Help ensure hosts are verifiably trustworthy from delivery and installation through secure bootstrap and readiness to join orchestration systems.

  • Build and improve systems such as machine identity, certificate issuance and enrollment, HSM-backed or key-management-backed trust services, host attestation, measurement, and baseline verification tooling.

  • Validate delivered hardware and firmware against vendor claims and continuously detect and manage drift over time.

  • Eliminate insecure bootstrap patterns while preserving deployment throughput and operational reliability.

  • Partner with provisioning, fleet, and orchestration teams to deliver paved paths where the secure approach is the easiest approach.

  • Contribute code, reviews, operational improvements, and design guidance for foundational trust services that must be dependable at scale.

  • Help define observable, testable security properties for host platforms and improve the telemetry and validation needed to enforce them in practice.

  • Participate in incident response, debugging, and post-incident improvements for security-critical infrastructure.

  • Work across different deployment models and provider boundaries while maintaining a consistent bar for host trust outcomes.

Requirements

Strong software engineering experience building and operating reliable production systems at scale.

  • Deep expertise in at least one relevant domain such as PKI, HSMs, machine identity, applied cryptography, secure boot, firmware or hardware security, host attestation, or low-level platform security.

  • Comfortable working across systems boundaries, from services and APIs down to host, boot, firmware, or hardware-adjacent trust mechanisms.

  • Write production quality code and reason clearly about failure modes, operational safety, and long-term maintainability.

  • Experience replacing fragile or manual security mechanisms with durable, paved-path infrastructure.

  • Balance rigor with pragmatism, and care about making strong security controls deployable in real-world environments.

  • Self-directed, low ego, and willing to work across disciplines to solve the most important problems.

  • Enjoy building in ambiguous spaces where the architecture is still emerging, stakes are at all time high, and the future is being built.

Qualifications

Self-motivated, able to work independently, and thrive in ambiguous, high-impact problem-solving environments.

Ability to work effectively in a dynamic, fast-paced environment.

Excellent communication skills, both written and verbal.

Passion for solving complex technical problems.

Experience with open-source projects or contributing to open-source projects.

Experience with CI/CD pipelines and automation tools.

Experience with cloud-native technologies and containerization.

Experience with security-focused tools and technologies.

Experience with distributed systems and microservices.

Experience with security testing and vulnerability management.

Experience with security audits and penetration testing.

Experience with security policy development and enforcement.

Experience with security architecture and design.

Experience with security operations and incident response.

Experience with security compliance and regulatory requirements.

Experience with security training and awareness programs.

Experience with security metrics and analytics.

Experience with security risk assessment and mitigation.

Experience with security threat modeling and analysis.

Experience with security training and awareness programs.

Experience with security testing and vulnerability management.

Experience with security operations and incident response.

Experience with security compliance and regulatory requirements.

Experience with security architecture and design.

Experience with security policy development and enforcement.

Experience with security risk assessment and mitigation.

Experience with security threat modeling and analysis.

Experience with security metrics and analytics.

Experience with security auditing and compliance.

Experience with security incident response and forensics.

Experience with security policy development and enforcement.

Experience with security risk assessment and mitigation.

Experience with security threat modeling and analysis.

Experience with security metrics and analytics.

Experience with security auditing and compliance.

Experience with security incident response and forensics.

Experience with security policy development and enforcement.

Experience with security risk assessment and mitigation.

Experience with security threat modeling and analysis.

Experience with security metrics and analytics.

Experience with security auditing and compliance.

Experience with security incident response and forensics.

Experience with security policy development and enforcement.

Experience with security risk assessment and mitigation.

Experience with security threat modeling and analysis.

Experience with security metrics and analytics.

Experience with security auditing and compliance.

Experience with security incident response and forensics.

Experience with security policy development and enforcement.

Experience with security risk assessment and mitigation.

Experience with security threat modeling and analysis.

Experience with security metrics and analytics.

Experience with security auditing and compliance.

Experience with security incident response and forensics.

Experience with security policy development and enforcement.

Experience with security risk assessment and mitigation.

Experience with security threat modeling and analysis.

Experience with security metrics and analytics.

Experience with security auditing and compliance.

Experience with security incident response and forensics.

Experience with security policy development and enforcement.

Experience with security risk assessment and mitigation.

Experience with security threat modeling and analysis.

Experience with security metrics and analytics.

Experience with security auditing and compliance.

Experience with security incident response and forensics.

Experience with security policy development and enforcement.

Experience with security risk assessment and mitigation.

Experience with security threat modeling and analysis.

Experience with security metrics and analytics.

Experience with security auditing and compliance.

Experience with security incident response and forensics.

Experience with security policy development and enforcement.

Experience with security risk assessment and mitigation.

Experience with security threat modeling and analysis.

Experience with security metrics and analytics.

Experience with security auditing and compliance.

Experience with security incident response and forensics.

Experience with security policy development and enforcement.

Experience with security risk assessment and mitigation.

Experience with security threat modeling and analysis.

Experience with security metrics and analytics.

Experience with security auditing and compliance.

Experience with security incident response and forensics.

Experience with security policy development and enforcement.

Experience with security risk assessment and mitigation.

Experience with security threat modeling and analysis.

Experience with security metrics and analytics.

Experience with security auditing and compliance.

Experience with security incident response and forensics.

Experience with security policy development and enforcement.

Experience with security risk assessment and mitigation.

Experience with security threat modeling and analysis.

Experience with security metrics and analytics.

Experience with security auditing and compliance.

Experience with security incident response and forensics.

Experience with security policy development and enforcement.

Experience with security risk assessment and mitigation.

Experience with security threat modeling and analysis.

Experience with security metrics and analytics.

Experience with security auditing and compliance.

Experience with security incident response and forensics.

Experience with security policy development and enforcement.

Experience with security risk assessment and mitigation.

Experience with security threat modeling and analysis.

Experience with security metrics and analytics.

Experience with security auditing and compliance.

Experience with security incident response and forensics.

Experience with security policy development and enforcement.

Experience with security risk assessment and mitigation.

Experience with security threat modeling and analysis.

Experience with security metrics and analytics.

Experience with security auditing and compliance.

Experience with security incident response and forensics.

Experience with security policy development and enforcement.

Experience with security risk assessment and mitigation.

Experience with security threat modeling and analysis.

Experience with security metrics and analytics.

Experience with security auditing and compliance.

Experience with security incident response and forensics.

Experience with security policy development and enforcement.

Experience with security risk assessment and mitigation.

Experience with security threat modeling and analysis.

Experience with security metrics and analytics.

Experience with security auditing and compliance.

Experience with security incident response and forensics.

Experience with security policy development and enforcement.

Experience with security risk assessment and mitigation.

Experience with security threat modeling and analysis.

Experience with security metrics and analytics.

Experience with security auditing and compliance.

Experience with security incident response and forensics.

Experience with security policy development and enforcement.

Similar jobs

Security Engineer

Technix LLCMinnesota, United States· 4 days ago
Information Technologyapply on adzuna.com

Security Engineer

HaystackPhiladelphia, PA· 4 days ago
Information Technology$126k–$210k/yrapply on haystack.cv

Security Engineer

AdobeSeattle, WA· 5 days ago
Information Technologyapply on careers.adobe.com

Security Engineer

ResilienceWashington, DC· 1 wk ago
RemoteEngineering$150k/yrapply on grnh.se