Security Engineer, Host Assurance - Remote Opportunity

About the Role

OpenAI is seeking a Security Engineer, Host Assurance to help build the trust foundations for bare-metal platforms across OpenAI’s global infrastructure. This is a deeply hands-on engineering role for a builder who can design, implement, and operate the core security infrastructure that establishes trust in hardware platforms before they are eligible to run workloads. As a Security Engineer, Host Assurance remote, you will play a critical role in ensuring that our systems are secure, reliable, and usable in fast-moving production environments.

What You'll Do

• Design, build, and operate components of the Host Assurance platform that establish trust in bare-metal hosts before they are eligible for production use.
• Help ensure hosts are verifiably trustworthy from delivery and installation through secure bootstrap and readiness to join orchestration systems.
• Build and improve systems such as machine identity, certificate issuance and enrollment, HSM-backed or key-management-backed trust services, host attestation, measurement, and baseline verification tooling.
• Validate delivered hardware and firmware against vendor claims and continuously detect and manage drift over time.
• Eliminate insecure bootstrap patterns while preserving deployment throughput and operational reliability.
• Partner with provisioning, fleet, and orchestration teams to deliver paved paths where the secure approach is the easiest approach.
• Contribute code, reviews, operational improvements, and design guidance for foundational trust services that must be dependable at scale.
• Participate in incident response, debugging, and post-incident improvements for security-critical infrastructure.

Requirements

• Strong software engineering experience building and operating reliable production systems at scale.
• Deep expertise in at least one relevant domain such as PKI, HSMs, machine identity, applied cryptography, secure boot, firmware or hardware security, host attestation, or low-level platform security.
• Comfortable working across systems boundaries, from services and APIs down to host, boot, firmware, or hardware-adjacent trust mechanisms.
• Ability to write production quality code and reason clearly about failure modes, operational safety, and long-term maintainability.
• Experience replacing fragile or manual security mechanisms with durable, paved-path infrastructure.

Nice to Have

• Experience with incident response and security-critical infrastructure.
• Familiarity with cloud-scale orchestration and emerging deployment models.
• Ability to work in ambiguous spaces where the architecture is still emerging.

What We Offer

• Competitive salary ranging from $293K to $385K.
• Relocation assistance to help you move and settle in your new role.
• Hybrid work model with 3 days in the office per week.
• Opportunities for professional growth and development in a cutting-edge AI environment.
• A collaborative and inclusive workplace culture.