About the Role
As an Insider Threat Detection and Response Engineer at OpenAI, you will play a critical role in protecting our sensitive data and systems from internal threats. You will design, build, and operate security systems, develop threat models, and respond to incidents, working closely with various teams across Security, IT, HR, Legal, and Workplace.
What you’ll do
- Design, build, and operate security systems to detect and prevent insider threats and data exfiltration.
- Develop threat models for sensitive assets and data types across the organization.
- Partner with various teams (Security, IT, HR, Legal, Workplace) to respond to security incidents involving insider threats.
- Enhance our incident response playbooks and processes for insider threats, with a focus on automation.
- Contribute to the broader security vision and strategy for insider risk management.
- Participate in an on-call rotation to respond to critical security alerts.
You might be a good fit if you have
- 5+ years of experience in a security engineering role, with a focus on insider threat, data loss prevention (DLP), or incident response.
- Deep understanding of cloud environments (AWS, Azure, GCP), SaaS applications, and enterprise IT infrastructure.
- Proficiency in at least one scripting language (Python, Go, etc.) for automation and tool development.
- Experience with security data analysis, log management, and SIEM platforms (Splunk, ELK, Panther, etc.).
- Strong communication and collaboration skills to work effectively with cross-functional teams.
- Ability to operate autonomously and drive projects from conception to completion.
Bonus if you have (Nice to haves)
- Experience with forensic tools and techniques for incident investigation.
- Familiarity with various operating systems (Linux, macOS, Windows) and their security controls.
- Experience with deception technologies or honey-tokens.
