Security Engineer, Application Security

About this role

OpenAI seeks an Application Security Engineer to identify and mitigate software vulnerabilities through code reviews, penetration testing, and security tool development. You'll partner with development teams to embed secure coding practices throughout the software development lifecycle and foster organizational security awareness.

What you'll do

• Conduct security assessments, code reviews, and penetration tests to identify application vulnerabilities
• Design and implement security tools, frameworks, and methodologies to protect applications
• Collaborate with development teams to integrate security best practices into the SDLC
• Perform threat modeling and risk assessments to identify and mitigate potential security risks
• Manage vulnerability tracking, analysis, and remediation guidance
• Support security incident investigation, analysis, and response for application-related issues

What they're looking for

• Application security and secure coding practices
• Penetration testing and vulnerability assessment
• Programming languages (Python, Java, C++, or similar)
• Security tools (Burp Suite, OWASP ZAP)
• Threat modeling and risk assessment
• Incident response and forensics
• Security protocols and encryption methods
• Clear communication of complex security concepts to technical and non-technical audiences

Benefits

• Hybrid work model: 3 days per week in office
• Relocation assistance available for new employees
• Preferred locations: San Francisco, Seattle, or New York City (remote work may be considered)