CrawlJobs Logo

Offensive Security Engineer, Hardware

openai.com Logo

OpenAI

Location Icon

Location:
United States , San Francisco

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

293000.00 - 490000.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

We're seeking an exceptional Principal-level Offensive Security Engineer to challenge and strengthen OpenAI's security posture. This role isn't your typical red team job - it's an opportunity to engage broadly and deeply, craft innovative attack simulations, collaborate closely with defensive teams, and influence strategic security improvements across the organization. You'll have the chance to not only find vulnerabilities but actively drive their resolution, automate offensive techniques with cutting-edge technologies, and use your unique attacker perspective to shape our security strategy. This role will be primarily focused on continuously testing our hardware products and related services.

Job Responsibility:

  • Collaborate proactively with engineering teams to enhance security and mitigate risks in hardware, firmware, and software
  • Perform comprehensive penetration testing on our diverse suite of products
  • Leverage advanced automation and OpenAI technologies to optimize your offensive security work
  • Present insightful, actionable findings clearly and compellingly to inspire impactful change
  • Influence security strategy by providing attacker-driven insights into risk and threat modeling

Requirements:

  • 7+ years of hands-on experience or exceptional accomplishments demonstrating equivalent expertise
  • Exceptional skill in code review, identifying novel and subtle vulnerabilities
  • Demonstrated mastery assessing complex technology stacks
  • Proven ability to reverse engineer bootrom images, firmware, or silicon-level components
  • Deep familiarity with low-level kernel operations, secure boot processes, and hardware-software interactions
  • Hands-on experience building and validating secure boot chains and threat models
  • Proficiency with hardware debugging tools (UART, JTAG, SWD, oscilloscopes, logic analyzers)
  • Solid programming skills in C/C++, Python, or assembly for embedded systems
  • Industry experience securing consumer hardware (e.g., mobile devices, IoT, chipsets)
  • Excellent written and verbal communication skills for technical and non-technical audiences
  • Strong intuitive understanding of trust boundaries and risk assessment in dynamic contexts
  • Excellent coding skills, capable of writing robust tools and automation for offensive operations
  • Ability to communicate complex technical concepts effectively through compelling storytelling
  • Proven track record of not just finding vulnerabilities but actively contributing to solutions in complex codebases

Nice to have:

  • Prior experience working in tech startups or fast-paced technology environments
  • Experience in related disciplines such as Software Engineering (SWE), Detection Engineering, Site Reliability Engineering (SRE), Security Engineering, or IT Infrastructure
What we offer:
  • Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts
  • Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)
  • 401(k) retirement plan with employer match
  • Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)
  • Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees
  • 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)
  • Mental health and wellness support
  • Employer-paid basic life and disability coverage
  • Annual learning and development stipend to fuel your professional growth
  • Daily meals in our offices, and meal delivery credits as eligible
  • Relocation support for eligible employees
  • Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided
  • Offers Equity
  • Performance-related bonus(es) for eligible employees

Additional Information:

Job Posted:
February 21, 2026

Employment Type:
Fulltime
Work Type:
On-site work
Icon
OpenAI - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon
PREMIUM
More languages and countries
+ Unlock 31694 hidden job offers
Languages
English Čeština Deutsch Ελληνικά Español Français +15
Countries
United States United Kingdom India Canada Australia +
See plans
Plans from $2.99 / month

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Offensive Security Engineer, Hardware

Hardware Security Researcher

Internship position in the Donjon team responsible for security of all products ...
Location
Location
France , Paris
Salary
Salary:
1500.00 EUR / Month
https://www.ledger.com Logo
Ledger
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience with programming in Python or Rust
  • Basic understanding of (or strong curiosity towards) semiconductor devices and Integrated Circuits stack up and layout
  • Interest in working in a hands-on, experimental lab environment
  • Ability to formalize your work and shape concepts at the relevant abstraction level
  • Ability to develop and document methods, standards, and guidelines
  • Ability to clearly articulate and communicate your ideas, in written and spoken English
Job Responsibility
Job Responsibility
  • Research cutting-edge offensive security techniques
  • Develop reverse engineering techniques and tools for Integrated Circuits manufactured on modern process nodes
  • Develop attacks for the chips you studied based on reverse engineered information
  • Formalize and generalize the attacks you find, and propose systematic ways to mitigate them or altogether render them impossible
  • Submit your findings for publication in academic journals or specialised conferences if time permits
What we offer
What we offer
  • Social: Frequent social events, snacks and drinks
  • Transportation allowance: commuter allowance to contribute to your preferred means of transportation
  • Lunch vouchers: meal allowance with Swile
  • Vacation: 1 day off for every full month of work, in addition to national holidays
  • Fulltime
Read More
Arrow Right

Principal Consultant, Red Team

The Principal Consultant on the Offensive Security team is focused on assessing ...
Location
Location
United Arab Emirates , Dubai
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years of professional experience leading Red & Purple team engagements, Advanced Attack Simulations, OSINT research, social engineering techniques, bespoke security assessments and exploit development
  • Experience testing a range of technologies (Active Directory, major OSs, cloud environments, IoT / OT) and using a range of security tools and technologies inc AI-enabled to automate and tailor engagements
  • Demonstrate a deep understanding of how malicious software works (i.e.-malware, trojans, rootkits, etc.)
  • Ability to modify known and/or craft custom exploits manually without dependence on consumer tools such as Metasploit
  • Strong knowledge of tools and techniques used to conduct network, wireless, and web application penetration testing
  • Familiarity with web application penetration testing and code auditing to find security gaps and vulnerabilities
  • Experience with penetration testing, administering, and troubleshooting major flavors of Linux, Windows, and major cloud IaaS, PaaS, and SaaS providers (i.e., AWS, GCP, and Azure)
  • Experience with scripting and editing existing code and programming using one or more of the following - Perl, Python, ruby, bash, C/C++, C#, or Java
  • Experience with security assessment tools, including Nessus, OpenVAS, MobSF Metasploit, Burp Suite Pro, Cobalt Strike, Bloodhound, and Empire
  • Knowledge of application, database, and web server design and implementation
Job Responsibility
Job Responsibility
  • Performs client penetration testing to find any vulnerabilities or weaknesses that might be exploited by a malicious party, using open-source, custom, and commercial testing tools - Red Team experience essential
  • Ability to assist in scoping engagements by clearly articulating various penetration approaches and methodologies to audiences ranging from highly technical to executive personnel
  • Report generation that clearly communicates testing and assessment details, results, and remediation recommendations to clients
  • Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements
  • Conducts periodic scans of networks to find and detect vulnerabilities
  • Conducts IT application testing, cybersecurity tool and systems analysis, system and network administration, and systems engineering support for the sustainment of information technology systems (mobile application testing, penetration testing, application, security, and hardware testing)
  • Conduct threat hunting and/or compromise assessment engagements to identify active or dormant indicators of compromise (IoCs) using Crypsis and Palo Alto Networks’ threat hunting tools (and/or client owned hunting instrumentation where applicable)
  • Conduct cloud penetration testing engagements to assess specific workloads (i.e., AWS, GCP, Azure, containers, or other PaaS and SaaS instances) for vulnerabilities and subsequently attempt to exploit identified weakness after receiving permission from client stakeholders
  • Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks including response and recovery of a data security breach
  • Fulltime
Read More
Arrow Right

Principal Consultant - Offensive Security

The Principal Consultant on the Offensive Security team is focused on assessing ...
Location
Location
Japan , Tokyo
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years of professional experience leading Red & Purple team engagements, Advanced Attack Simulations, OSINT research, social engineering techniques, bespoke security assessments and exploit development
  • Experience testing a range of technologies (Active Directory, major OSs, cloud environments, IoT / OT) and using a range of security tools and technologies inc AI-enabled to automate and tailor engagements
  • Demonstrate a deep understanding of how malicious software works (i.e.-malware, trojans, rootkits, etc.)
  • Ability to modify known and/or craft custom exploits manually without dependence on consumer tools such as Metasploit
  • Strong knowledge of tools and techniques used to conduct network, wireless, and web application penetration testing
  • Familiarity with web application penetration testing and code auditing to find security gaps and vulnerabilities
  • Experience with penetration testing, administering, and troubleshooting major flavors of Linux, Windows, and major cloud IaaS, PaaS, and SaaS providers (i.e., AWS, GCP, and Azure)
  • Experience with scripting and editing existing code and programming using one or more of the following - Perl, Python, ruby, bash, C/C++, C#, or Java
  • Experience with security assessment tools, including Nessus, OpenVAS, MobSF Metasploit, Burp Suite Pro, Cobalt Strike, Bloodhound, and Empire
  • Knowledge of application, database, and web server design and implementation
Job Responsibility
Job Responsibility
  • Performs client penetration testing to find any vulnerabilities or weaknesses that might be exploited by a malicious party, using open-source, custom, and commercial testing tools - Red Team experience essential
  • Ability to assist in scoping engagements by clearly articulating various penetration approaches and methodologies to audiences ranging from highly technical to executive personnel
  • Report generation that clearly communicates testing and assessment details, results, and remediation recommendations to clients
  • Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements
  • Conducts periodic scans of networks to find and detect vulnerabilities
  • Conducts IT application testing, cybersecurity tool and systems analysis, system and network administration, and systems engineering support for the sustainment of information technology systems (mobile application testing, penetration testing, application, security, and hardware testing)
  • Conduct threat hunting and/or compromise assessment engagements to identify active or dormant indicators of compromise (IoCs) using Crypsis and Palo Alto Networks’ threat hunting tools (and/or client owned hunting instrumentation where applicable)
  • Conduct cloud penetration testing engagements to assess specific workloads (i.e., AWS, GCP, Azure, containers, or other PaaS and SaaS instances) for vulnerabilities and subsequently attempt to exploit identified weakness after receiving permission from client stakeholders
  • Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks including response and recovery of a data security breach
  • Ability to perform travel requirements as needed to meet business demands
  • Fulltime
Read More
Arrow Right

Offensive Cyber Engineer

At Cryptic Vector, we are dedicated to mission success. We take the time to unde...
Location
Location
United States , Miamisburg
Salary
Salary:
Not provided
crypticvector.com Logo
Cryptic Vector
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Science, Computer Engineering, Electrical Engineering, or a related field
  • Strong programming skills in C, Assembly, and Python
  • Extensive experience with reverse engineering tools such as Ghidra, IDA Pro, and Wireshark
  • Proficiency with x86 architecture, or other modern architecture, and Hex editors
  • Ability to interface with hardware, including connecting probes to traces, using logic analyzers, and decoding hardware signals
  • Strong problem-solving skills and the ability to think critically and creatively in analyzing software and hardware components
  • Meticulous attention to detail, especially when dealing with complex codebases and hardware systems
  • Priority will be given to candidates with an active Top Secret (TS) clearance
Job Responsibility
Job Responsibility
  • Reverse Engineering (RE) of software/firmware, Vulnerability Research (VR), exploit development/productization
  • Deconstruct and analyze software/firmware to understand its structure, functionality, and behavior
  • Design/develop post-exploitation effects in software/firmware, which can withstand scrutiny and attack
  • Design/develop secure, reliable, software-based communication solutions
  • Design/develop stealth solutions
  • Employ industry-standard tools such as Ghidra, IDA Pro, Wireshark, and Hex editors (e.g., Hex Workshop) to reverse engineer software components
  • Develop scripts and tools in C, Assembly, Rust, and Python to automate and enhance reverse engineering processes
  • Collaborate with hardware teams to understand and interact with physical devices. This includes connecting probes, using logic analyzers, and decoding signals on hardware
  • Write unit tests, functional tests, and end-to-end tests
  • Prepare detailed reports documenting the findings, methodologies, and potential implications of reverse engineering efforts
What we offer
What we offer
  • 100% Company-paid medical insurance for employees
  • 100% Company-paid dental and vision insurance
  • Competitive salary and bonus
  • 25% 401k company contribution
  • Generous PTO, parental leave, bereavement leave, and volunteer time
  • Flexible work hours
  • Tuition reimbursement, training allowance, internal mobility opportunities
  • Free beverages and snacks, Donut Fridays, monthly social events
Read More
Arrow Right

Offensive Cyber Engineer

As an Offensive Cyber Engineer, you’ll dive deep into reverse engineering and vu...
Location
Location
United States , Atlanta
Salary
Salary:
Not provided
crypticvector.com Logo
Cryptic Vector
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Science, Computer Engineering, Electrical Engineering, or a related field
  • Strong programming skills in C, Assembly, and Python
  • Extensive experience with reverse engineering tools such as Ghidra, IDA Pro, and Wireshark
  • Proficiency with x86 architecture, or other modern architecture, and Hex editors
  • Ability to interface with hardware, including connecting probes to traces, using logic analyzers, and decoding hardware signals
  • Strong problem-solving skills and the ability to think critically and creatively in analyzing software and hardware components
  • Meticulous attention to detail, especially when dealing with complex codebases and hardware systems
  • Priority will be given to candidates with an active Top Secret (TS) clearance
Job Responsibility
Job Responsibility
  • Reverse Engineering (RE) of software/firmware, Vulnerability Research (VR), exploit development/productization
  • Deconstruct and analyze software/firmware to understand its structure, functionality, and behavior
  • Design/develop post-exploitation effects in software/firmware, which can withstand scrutiny and attack
  • Design/develop secure, reliable, software-based communication solutions
  • Design/develop stealth solutions
  • Employ industry-standard tools such as Ghidra, IDA Pro, Wireshark, and Hex editors (e.g., Hex Workshop) to reverse engineer software components
  • Develop scripts and tools in C, Assembly, Rust, and Python to automate and enhance reverse engineering processes
  • Collaborate with hardware teams to understand and interact with physical devices. This includes connecting probes, using logic analyzers, and decoding signals on hardware
  • Write unit tests, functional tests, and end-to-end tests
  • Prepare detailed reports documenting the findings, methodologies, and potential implications of reverse engineering efforts
What we offer
What we offer
  • 100% Company-paid medical insurance for employees
  • 100% Company-paid dental and vision insurance
  • Competitive salary and bonus
  • 25% 401k company contribution
  • Generous PTO, parental leave, bereavement leave, and volunteer time
  • Flexible work hours
  • Tuition reimbursement, training allowance, internal mobility opportunities
  • Free beverages and snacks, Donut Fridays, monthly social events
Read More
Arrow Right

Offensive Cyber Engineer

As an Offensive Cyber Engineer, you’ll dive deep into reverse engineering and vu...
Location
Location
United States , Liberty Township
Salary
Salary:
Not provided
crypticvector.com Logo
Cryptic Vector
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Science, Computer Engineering, Electrical Engineering, or a related field
  • Strong programming skills in C, Assembly, and Python
  • Extensive experience with reverse engineering tools such as Ghidra, IDA Pro, and Wireshark
  • Proficiency with x86 architecture, or other modern architecture, and Hex editors
  • Ability to interface with hardware, including connecting probes to traces, using logic analyzers, and decoding hardware signals
  • Strong problem-solving skills and the ability to think critically and creatively in analyzing software and hardware components
  • Meticulous attention to detail, especially when dealing with complex codebases and hardware systems
  • Priority will be given to candidates with an active Top Secret (TS) clearance
  • This role requires use of technical data subject to U.S. Government contract restrictions, therefore this posting is only for U.S. Citizens
Job Responsibility
Job Responsibility
  • Reverse Engineering (RE) of software/firmware, Vulnerability Research (VR), exploit development/productization
  • Deconstruct and analyze software/firmware to understand its structure, functionality, and behavior
  • Design/develop post-exploitation effects in software/firmware, which can withstand scrutiny and attack
  • Design/develop secure, reliable, software-based communication solutions
  • Design/develop stealth solutions
  • Employ industry-standard tools such as Ghidra, IDA Pro, Wireshark, and Hex editors (e.g., Hex Workshop) to reverse engineer software components
  • Develop scripts and tools in C, Assembly, Rust, and Python to automate and enhance reverse engineering processes
  • Collaborate with hardware teams to understand and interact with physical devices. This includes connecting probes, using logic analyzers, and decoding signals on hardware
  • Write unit tests, functional tests, and end-to-end tests
  • Prepare detailed reports documenting the findings, methodologies, and potential implications of reverse engineering efforts
What we offer
What we offer
  • 100% Company-paid medical insurance for employees
  • 100% Company-paid dental and vision insurance
  • Competitive salary and bonus
  • 25% 401k company contribution
  • Generous PTO, parental leave, bereavement leave, and volunteer time
  • Flexible work hours
  • Tuition reimbursement, training allowance, internal mobility opportunities
  • Free beverages and snacks, Donut Fridays, monthly social events
Read More
Arrow Right

Cyber Security Intern

We have an exciting opportunity for a Cyber Security Intern to join our team on ...
Location
Location
Spain , Barcelona
Salary
Salary:
Not provided
fsp.co Logo
FSP
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Possess a genuine interest in the offensive security landscape
  • Experienced with coding (Python, Go, or Bash preferred) and Docker
  • Demonstrable understanding of fundamental cybersecurity principles, networking and operating systems
  • Proven experience with platforms like HackTheBox, TryHackMe, or participation in CTFs
  • An analytical, problem-solving mindset with a willingness to learn
  • Fluent in English, with the ability to work effectively with UK-based colleagues and client
  • Strong documentation skills for both client engagements and tooling documentation
  • Starting or within the final year of university (degree to be completed 2027)
Job Responsibility
Job Responsibility
  • Contribute to the design, coding, and maintenance of internal security tools and automation scripts to streamline our testing processes
  • Assist our wider Cyber Engineering & Testing team on client engagements
  • Help write technical reports for clients, translating complex vulnerabilities into actionable remediation advice
  • Build relevant knowledge of industry-standard tools such as Burp Suite, Metasploit, Nmap, and various vulnerability scanners
  • Explore vulnerabilities within cloud-native environments like AWS, Azure and GCP
  • Ensure familiarity with the OWASP Top 10 and how to identify flaws in modern web architecture
  • Help with testing physical devices and IoT hardware
What we offer
What we offer
  • Hybrid working to support flexibility and wellbeing
  • Industry-leading coaching, mentoring, and benefits
  • Fulltime
Read More
Arrow Right

Systems Engineer Technical Specialist (O&M)

The Systems Engineer will support the Sponsor’s organization as a critical membe...
Location
Location
United States , Chantilly
Salary
Salary:
Not provided
arcfield.com Logo
Arcfield
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Must possess and be able to maintain a TS/SCI clearance with Polygraph
  • BS 10-12, MS 8-10, PhD 5-7 or equivalent experience Business, Computer Science, Information Systems, Engineering, or a scientific or technical discipline
  • Ability to develop well documented, actionable, measurable, testable, traceable requirements supporting Sponsor development activities
  • Demonstrated successful experience in applying critical thinking in analyzing Sponsor project and programs to identify technical risks that may impact successful delivery of the Sponsor developed capability
  • Demonstrated successful experience in development of Concept of Operations diagrams utilizing industry best practices through coordination with project stakeholders
  • Demonstrated successful experience forecasting technologies and products that are related to and would advance the Sponsors mission area
  • Demonstrated successful experience in providing independent assessment of projects relating to technical risk and providing suggestions for potential improvement on technical functionality
  • Demonstrated successful experience developing comprehensive project plans that transition cyber research concepts into mission ready capabilities
  • Demonstrated successful experience working with Test Teams to create ad hoc test cases to fully characterize developed offensive cyber capabilities
  • Demonstrated successful experience working with IC or DoD targeting officers to identify new opportunities to enable technical operations to include access, exfil, collection and covert action
Job Responsibility
Job Responsibility
  • Support the Sponsor’s organization as a critical member of the team with a focus on maintaining internal and COTS systems
  • Assessment, verification, and validation of information systems
  • Review system architecture, design documentation, and security processes
  • Review network design documentation
  • Consult and provide solutions to address network technical issues on mission networks
  • Support O&M and installation of operational systems, patching, hardware updates, install machines, debug networking issues, etc.
  • Develop and administer requirements for cyber tools
  • Perform system assessment to support validation of information systems
  • Align the organization’s IT infrastructure, system, and technology strategies with business goals & objectives
  • Work with inter-agency partners to develop technical strategic plans and coordination of cyber strategies
  • Fulltime
Read More
Arrow Right