CrawlJobs Logo

Security Engineer, Agent Security

United States, San Francisco 293000.00 - 385000.00 USD / Year · Job Posted February 21, 2026
Apply Position
Job Link Share

Job Description

The team’s mission is to accelerate the secure evolution of agentic AI systems at OpenAI. To achieve this, the team designs, implements, and continuously refines security policies, frameworks, and controls that defend OpenAI’s most critical assets—including the user and customer data embedded within them—against the unique risks introduced by agentic AI. As a Security Engineer on the Agent Security Team, you will be at the forefront of securing OpenAI’s cutting-edge agentic AI systems. Your role will involve designing and implementing robust security frameworks, policies, and controls to safeguard OpenAI’s critical assets and ensure the safe deployment of agentic systems. You will develop comprehensive threat models, partner tightly with our Agent Infrastructure group to fortify the platforms that power OpenAI’s most advanced agentic systems, and lead efforts to enhance safety monitoring pipelines at scale.

Job Responsibility

  • Architecting security controls for agentic AI – design, implement, and iterate on identity, network, and runtime-level defenses (e.g., sandboxing, policy enforcement) that integrate directly with the Agent Infrastructure stack
  • Building production-grade security tooling – ship code that hardens safety monitoring pipelines across agent executions at scale
  • Collaborating cross-functionally – work daily with Agent Infrastructure, product, research, safety, and security teams to balance security, performance, and usability
  • Influencing strategy & standards – shape the long-term Agent Security roadmap, publish best practices internally and externally, and help define industry standards for securing autonomous AI

Requirements

  • Strong software-engineering skills in Python or at least one systems language (Go, Rust, C/C++), plus a track record of shipping and operating secure, high-reliability services
  • Deep expertise in modern isolation techniques – experience with container security, kernel-level hardening, and other isolation methods
  • Hands-on network security experience – implementing identity-based controls, policy enforcement, and secure large-scale telemetry pipelines
  • Clear, concise communication that bridges engineering, research, and leadership audiences
  • comfort influencing roadmaps and driving consensus
  • Bias for action & ownership – you thrive in ambiguity, move quickly without sacrificing rigor, and elevate the security bar company-wide from day one
  • Cloud security depth on at least one major provider (Azure, AWS, GCP), including identity federation, workload IAM, and infrastructure-as-code best practices

Nice to have

Familiarity with AI/ML security challenges – experience addressing risks associated with advanced AI systems

What we offer

  • Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts
  • Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)
  • 401(k) retirement plan with employer match
  • Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)
  • Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees
  • 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)
  • Mental health and wellness support
  • Employer-paid basic life and disability coverage
  • Annual learning and development stipend to fuel your professional growth
  • Daily meals in our offices, and meal delivery credits as eligible
  • Relocation support for eligible employees
  • Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided
  • Offers Equity
  • performance-related bonus(es) for eligible employees

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Security Engineer, Agent Security

8 matching positions

Senior Security Engineer, Security Operations

The senior security engineer role provides a unique opportunity to shape the sec...
Location
Location
United States , REMOTE; SAN FRANCISCO; ROSEVILLE; LEHI; WEST PALM BEACH; IRVINE
Salary
Salary:
146000.00 - 170000.00 USD / Year
goodleap.com Logo
GoodLeap
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences
  • Expertise in security event management, monitoring, threat hunting, incident response, playbook creation, orchestration/automations
  • Experience with threat modeling methodologies
  • Expertise with EDR solutions/platforms, such as CrowdStrike, S1, Palo Alto Cortex EDR
  • Experience with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus)
  • Proven ability to establish credibility and build trust with business, engineers, and operational staff
  • Experience designing, configuring, and implementing security and fraud monitoring for core enterprise systems, e.g., ERP, HCM, Salesforce
  • Experience working with and creating solutions based AI and ML toolsets – e.g., creation of AI skills, agents, MCP clients, vibe coding
  • Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases
  • Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK
Job Responsibility
Job Responsibility
  • Lead, participate in, and contribute to security and fraud monitoring, detection, and response activities, inclusive of investigations, threat hunting,etc. Create playbooks for specific incident response scenarios
  • Identify potential misuse and abuse cases in enterprise systems, propose solutions to detect these scenarios, and identify and implement monitoring and detection solutions for such scenarios
  • Support or develop components of the security analytics platform
  • Support embedded (product) security team
  • Support general security operations team with vulnerability management, tools management, and more
What we offer
What we offer
  • bonus
  • equity
  • Fulltime
Read More
Arrow Right

Application Security Engineer, AI Security

Notion is looking for security engineers that have a passion for securing comple...
Location
Location
United States , San Francisco
Salary
Salary:
230000.00 - 280000.00 USD / Year
notion.so Logo
Notion
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Security Architecture expertise: You have at least 6+ years of experience working with product teams to design and/or build secure software
  • Thoughtful problem-solving
  • Impact-driven approach to technology
  • Pragmatic and business-oriented
  • Empathetic communication
  • Startup mentality
  • You don’t need to be an AI expert, but you’re curious and willing to adopt AI tools to work smarter and deliver better results
Job Responsibility
Job Responsibility
  • Help define the security models for Notion’s products as they ship, giving guidance to engineering and product teams to ensure new features meet strict enterprise security requirements
  • Perform hands on testing and develop automated red teaming for AI and agentic features, especially focused on AI specific risks like prompt injection
  • Make the secure path the easy path for product teams by providing design guidance and finding architectural solutions that eliminate classes of vulnerabilities
  • Provide developers guidance and education on security and privacy best practices that prevent the authoring of vulnerabilities
  • leverage skills, MCP enabled tools, and hooks to help prevent vulnerabilities for developers using agentic coding tools
  • Participate in and drive mitigation strategies during AppSec related incident responses
What we offer
What we offer
  • Highly competitive cash compensation, equity, and benefits
  • Fulltime
Read More
Arrow Right

Staff Security Software Engineer - Security Operations

The Role GM’s Cybersecurity Team safeguards the company’s global information ...
Location
Location
United States , Austin
Salary
Salary:
Not provided
gm.com Logo
General Motors
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years in software engineering with a focus on distributed systems, security integrations, and data platforms
  • Deep expertise building event-driven, horizontally scalable services and contract-first APIs
  • Track record productizing AI in security workflows (multi-agent patterns, RAG at scale, evaluation harnesses, guardrails, red-teaming)
  • Cloud architecture depth (Azure/AWS/GCP), including networking, Kubernetes, service meshes, observability stacks, and IaC at scale
  • Data platform expertise: streaming (Kafka/Event Hub/PubSub), vector/search (pgvector/FAISS/Pinecone), schema/versioning, governance/lineage
  • Demonstrated org-wide influence: authored standards, drove cross-team adoption, led multi-quarter programs to successful outcomes
  • Exceptional communication with executives
  • ability to frame risk, ROI, and tradeoffs succinctly
Job Responsibility
Job Responsibility
  • Set the reference architecture for security data integration and AI orchestration (agents, policy-guard railed workflows, governance)
  • Lead cross-org programs that unify SIEM/EDR/IAM/SSPM/CSPM/ITSM/cloud data models and establish single sources of truth
  • Operationalize AI at scale with safety, privacy, and governance—including data retention, PII controls, model routing, evaluation, and fallback strategies
  • Drive cost/performance optimization (throughput, latency, storage tiering, vector index strategies) for high-volume security telemetry
  • Influence vendor strategy and negotiate integration roadmaps
  • guide build-vs-buy decisions and multi-year investments
  • Mentor/coach Staff/Senior engineers
  • build a culture of design excellence, pragmatic risk management, and measurable outcomes
  • Communicate upward with crisp executive narratives, metrics, and business impact framing
What we offer
What we offer
  • Relocation benefits
  • Fulltime
Read More
Arrow Right

Staff Enterprise Security Engineer, AI Security

As a Staff Enterprise Security Engineer, you will be a technical leader within t...
Location
Location
Ireland
Salary
Salary:
Not provided
stytch.com Logo
Stytch
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in security engineering or infrastructure security
  • 2+ years of experience leading teams in a technical capacity or leading technical risk analysis in an enterprise environment
  • Expertise in cloud security (AWS, GCP) and container security (Kubernetes)
  • Proven track record of designing and deploying complex security systems at scale
  • Strong proficiency in programming languages such as Python, Go, or Java
Job Responsibility
Job Responsibility
  • Design and implement secure reference architectures for Enterprise AI platforms that secures every Twilion’s engagement with them, ensuring data integrity, regulatory compliance, and resilience against evolving AI threats
  • Establish a definitive framework for AI vetting, driving the cultural and policy shifts needed to institutionalize this strategic mindset across the organization
  • Collaborate with cross functional partners to develop and set the long term roadmap for agentic AI identity and posture management, ensuring cohesive strategies for reducing risk from agentic AI use
  • Maintain and improve our enterprise security posture through high-quality code (Python, Go, or similar) and automated infrastructure management via IAC
  • Act as a technical mentor to junior engineers and a strategic advisor to leadership on the evolving AI landscape
What we offer
What we offer
  • Competitive pay
  • Generous time off
  • Ample parental and wellness leave
  • Healthcare
  • Retirement savings program
  • Fulltime
Read More
Arrow Right

Senior Security Software Engineer - Security Operations

The Role GM’s Cybersecurity Team safeguards the company’s global information ass...
Location
Location
United States , Warren
Salary
Salary:
125200.00 - 158600.00 USD / Year
gm.com Logo
General Motors
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-7 years in software security engineering
  • advanced proficiency in modern programming languages
  • Expert in API development, microservices, event streaming, and idempotent integration patterns
  • Experience deploying software using any modern CI/CD pipeline and automated delivery practices
  • Hands-on with security tooling integrations (e.g., SIEM, EDR, SSPM)
  • Proven AI integration experience: LLM agents, embeddings, vector databases, RAG, prompt engineering
  • Cloud proficiency (Azure/AWS/GCP) and IaC (Terraform/Bicep/ARM/CloudFormation)
  • Data engineering fluency: ETL/ELT, schema design, normalization/enrichment
  • formats (JSON, YAML, syslog, STIX/TAXII)
  • Excellent cross-functional communication
Job Responsibility
Job Responsibility
  • Own architecture & delivery for complex integration services (APIs, microservices, event-driven workflows) with production SLIs/SLOs
  • Build AI-driven workflows (RAG, summarization, classification, agents) that augment investigations, triage, and orchestration
  • Create reusable connectors bridging SIEM/EDR/IAM/SSPM/ITDR/ITSM and cloud telemetry with robust error handling, retries, and DLQs
  • Implement security automation (SOAR-like playbooks) that enrich alerts and trigger deterministic + AI-assisted responses
  • Harden and observe services with CI/CD, automated testing, performance profiling, metrics, and incident runbooks
  • Mentor engineers and lead technical design reviews, coding standards, and reference implementations
  • Translate requirements into clear epics/roadmaps
  • align stakeholders and deliver on time with quality
What we offer
What we offer
  • medical
  • dental
  • vision
  • Health Savings Account
  • Flexible Spending Accounts
  • retirement savings plan
  • sickness and accident benefits
  • life insurance
  • paid vacation & holidays
  • incentive pay program based on company, job level, and individual performance
  • Fulltime
Read More
Arrow Right

Cross Technology Service Delivery Field Support Engineer (L2) - Security Engineer

The Cross Technology Service Delivery Security Support Engineer (L2) role at NTT...
Location
Location
Philippines , Makati
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 4 to 6 years of total experience
  • Minimum 2 to 3 years as a Network Security support resource
  • Degree or relevant qualification in IT/Computing (or demonstrated equivalent work experience)
  • Required certification: Check Point Certified Security Administrator (CCSA) or Check Point Certified Expert (CCSE) or Check Point Certified Cloud Specialist (CCCS) or Check Point Certified VSX Specialist or Check Point Certified Maestro Expert or Cisco Certified Network Associate - Enterprise or Cisco Certified Network Associate - Security or Cisco Certified Network Professional – Enterprise or Cisco Certified Network Professional – Security
  • Experience with troubleshooting and providing support in security/network/data center/systems/monitoring Services within a medium to large ICT organization
  • Working knowledge of management agents, redundancy concepts, and products within the supported technical domain (i.e. Security, Network, Data Center, Telephony, Exchange, Cloud, Backup, etc.)
  • Handled security products like Firewalls, Cloud Security and SASE (i.e Check Point NGFW, Check Point CloudGuard, Check Point Harmony, etc.)
Job Responsibility
Job Responsibility
  • Provide a managed service to clients to ensure their IT infrastructure and systems remain operational
  • Proactively monitor, identify, investigate, and resolve technical incidents and problems to restore service
  • Proactively review client requests or tickets and apply technical/process knowledge to resolve them without breaching service level agreement (SLA)
  • Contribute to / support on project work as and when required
  • Monitor client infrastructure and solutions
  • Identify problems and errors prior to or when they occur
  • Routinely identify common incidents and opportunities for avoidance as well as general opportunities for incident reduction
  • Investigate first line incidents assigned and identify the root cause of incidents and problems
  • Fulfill approved requests following agreed procedures
  • Provide telephone or chat support to clients when required
What we offer
What we offer
  • Workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive
  • Part of a global company that is a $30+ billion business and technology services leader
  • Committed to accelerating client success and positively impacting society through responsible innovation
  • Global Top Employer with experts in more than 50 countries
  • Equal Opportunity Employer with a global culture that embraces diversity
  • Fulltime
Read More
Arrow Right

Cyber Security Engineer (DataDog)

We are seeking a Cyber Security engineer to join our team in supporting our cust...
Location
Location
United States , Washington, DC
Salary
Salary:
75.00 - 85.00 USD / Hour
bhsg.com Logo
Beacon Hill
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of hands-on cybersecurity engineering experience, with at least 5 years in SIEM platform engineering, administration, or log management
  • Demonstrable, hands-on Datadog experience-including platform administration, DataPrime query language, alert development (threshold, anomaly, flow, ratio), Parsing Rules engineering, TCO Optimizer configuration, and log pipeline design
  • Proven experience architecting and managing enterprise-scale logging pipelines, including OpenTelemetry Collector (OTEL) deployment in agent/gateway models
  • Experience onboarding and integrating diverse log sources: cloud APIs (AWS CloudTrail, VPC Flow Logs, S3/SNS/SQS), Kubernetes/EKS workloads, Windows/Linux endpoints, and network/security appliances (Palo Alto, Check Point, NetScaler, Citrix)
  • Experience designing log pipelines with data masking, field redaction, or sensitive data handling requirements
  • Datadog: DataPrime, GROK/regex Parsing Rules, alert types (threshold/anomaly/flow/ratio/metric), TCO Optimizer, Subsystem/Scope/RBAC administration, SSO/SAML configuration, API key management, Cases, SLO configuration, Olly AI agent, Streama ML
Job Responsibility
Job Responsibility
  • Datadog Platform Administration. As full Platform Administrator within the shared multi-tenant SOC organization
  • Enterprise Log Collection Pipeline Architecture & Operations. Design, implement, and maintain log collection pipelines for multiple networks with distinct architectural constraints
  • Detection Engineering
  • Incident Management & SLA Instrumentation
  • SecOps Technology Stack Contribution
Read More
Arrow Right

Senior Agentic Identity & Access Security Engineer

Our client is a leading global investment management company headquartered in Lo...
Location
Location
Poland;Spain;United Kingdom
Salary
Salary:
Not provided
Intellias
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years in security architecture and/or platform engineering, with a track record of shipping production code. Principal / Staff-level depth, ideally in a high-velocity or quant / financial-services engineering culture
  • Deep, mechanical command of modern identity and authorisation: OIDC / OAuth2 / JWT — token issuance flows, claims design, and delegation / impersonation patterns
  • Hands-on HashiCorp Vault experience, including dynamic / short-lived secrets and the realities of migrating off long-lived tokens without breaking a large application estate at once
  • Keycloak policy modelling, ideally with the Terraform-driven configuration the firm already uses
  • Strong Terraform / IaC fluency — enough to design repeatable, self-service patterns that others adopt, rather than bespoke per-team setups
  • Working knowledge of the Active Directory + Entra legacy reality: nested groups, LDAP-backed role mapping, and the distribution-list-as-permission-group failure mode — able to design around the mess pragmatically
Job Responsibility
Job Responsibility
  • Design and ship IaC-driven, self-service identity patterns that roll out firm-wide without requiring a full Active Directory cleanup first
  • Define the currently undefined agentic runtime security model: containerised code execution, permission delegation to agents, and MCP-based tool access
  • Lead the transition from long-lived secrets toward ephemeral, time-based, risk-scored credentials, scoped to task duration and issued via JWT / OIDC
  • Layer LLM / software guardrails (policy-as-text plus human review) on top of whatever hard guardrails are feasible across the estate
  • Establish an opinionated onboarding standard (e.g. mandatory MCP interfaces) and win adoption through better defaults and developer experience, not mandate alone
  • Design SIEM integration, behavioural baselining, and anomaly detection for agentic workflows, and centralise siloed audit logs to satisfy both security and regulatory requirements
  • Take bounded beachheads (for example, authenticate users and then delegate scoped access to internal systems) from vague to delivered
Read More
Arrow Right