CrawlJobs Logo

Security Engineer, Insider Threat Detection & Response

openai.com Logo

OpenAI

Location Icon

Location:
United States , San Francisco

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

230000.00 - 385000.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

As a Security Engineer you will join our OpenAI engineers and researchers in building, operating and securing transformational AI technologies. This role will focus on all aspects of Detection & Response but with a strong emphasis on detecting insider threats and influencing controls to safeguard OpenAI's most sensitive assets.

Job Responsibility:

  • Innovate on Detection and Response infrastructure to engineer and automate end-to-end detection and investigation workflows
  • Develop, measure, and tune detection rules to ensure effective and sustainable operations
  • Drive projects across OpenAI’s technology stack with a focus on insider threats, ranging from access abuse and intellectual property theft to novel risks emerging within AI infrastructure
  • Partner closely with cross-functional stakeholders, including HR, Legal, and peer investigative teams, providing technical expertise and evidence to support investigations
  • Collaborate on cutting-edge AI research, and use AI to improve OpenAI’s Security posture

Requirements:

  • 5+ years experience working in a detection/response or insider-risk role
  • Broad familiarity with operating systems and platforms such as macOS, Windows, Linux, and Kubernetes, along with experience in cloud infrastructure
  • Knowledge of modern adversary tactics and attack paths, data exfiltration techniques, and have experience running and leading incidents
  • Proficiency with a scripting language (e.g. Python, Bash, PowerShell, or similar)
  • Independently manage and run projects, balance preventative controls with user friction, and prioritize efforts for risk reduction
  • Motivated by securing transformative technology and can adapt familiar security frameworks to new risks in AI infrastructure
What we offer:
  • Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts
  • Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)
  • 401(k) retirement plan with employer match
  • Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)
  • Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees
  • 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)
  • Mental health and wellness support
  • Employer-paid basic life and disability coverage
  • Annual learning and development stipend to fuel your professional growth
  • Daily meals in our offices, and meal delivery credits as eligible
  • Relocation support for eligible employees
  • Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided
  • Offers Equity
  • Performance-related bonus(es) for eligible employees

Additional Information:

Job Posted:
February 21, 2026

Employment Type:
Fulltime
Work Type:
On-site work
Icon
OpenAI - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Security Engineer, Insider Threat Detection & Response

Senior Detection Engineer

This is a detection engineering role that leverages knowledge of monitoring, ana...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.marriott.com Logo
Marriott Bonvoy
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification
  • 3+ years of collective experience in Splunk SIEM (Splunk Enterprise Security) threat detection use case development or UEBA (Exabeam) use case development for insider threat use case development
  • 5+ years of experience in security functions such as SOC, CIRT, security engineering, risk management, vulnerability management or technical infrastructure operations, administration, or systems engineering
  • scripting or programming language, including Python
  • Current information security certification such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) preferred
  • offensive and defensive security certifications such as CEH, IGAC Cyber Defense, OSCP or other related certifications preferred
  • Splunk Certification, including Splunk Enterprise Security Certified Admin preferred
  • use case development experience on the Exabeam platform preferred
  • working knowledge of the NIST Cyber Security Framework and ISO/IEC 27001:2022 preferred
  • working knowledge of the MITRE ATT&CK Framework preferred
Job Responsibility
Job Responsibility
  • Lead collaboration sessions within the cyber security tower and other business units to devise security monitoring use cases
  • engage and collaborate with other security engineers and architects as needed to keep pace with the evolution of corporate infrastructure and applications and share that knowledge with peers as appropriate
  • document prospective security monitoring use cases with MITRE ATT&ACK mappings using standard templates and methodologies
  • inform and consult other cyber ops teams of required data onboarding and integrations for use case development
  • develop analytics, correlation searches, dashboards, reports and alerts within the SIEM and UEBA platforms
  • solicit feedback for pre-production security monitoring content through peer review process and user acceptance testing for tuning
  • document developed security monitoring content in a documentation registry using department standard templates and methodologies
  • manage field mapping and transmission of security monitoring alerts to the security incident response platform for SOC analyst consumption as outlined in process documentation
  • provide governance support for the content development function entailing content development standards compliance, change management approvals for SIEM or UEBA content, and lifecycle management of developed security monitoring content
  • service operational requests in queue such as analytics content performance tuning, filtering, search refinement, parsing issues
  • Fulltime
Read More
Arrow Right

Security Engineer - Detection Engineering, Surface Coverage

Meta Security is looking for a Security Engineer with experience in threat model...
Location
Location
United States , Bellevue
Salary
Salary:
122000.00 - 181000.00 USD / Year
meta.com Logo
Meta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2+ years of experience in Detection and Response Engineering or similar Security Engineering role
  • Bachelor's degree or equivalent experience in Cyber Security
  • Experience building complex automations and integrations using Security Orchestration, Automation and Response platforms
  • Experience designing systems used for responding to both external and insider threats
  • Experience analyzing network and host-based security events
  • Knowledge of networking technologies, specifically Transmission Control Protocol (TCP)/Internet Protocol (IP) and the related protocols
  • Knowledge of operating systems, file systems, and memory structures on Windows, MacOS and Linux
  • Coding/scripting experience in one or more general purpose languages
  • Experience with attacker tactics, techniques, and procedures
Job Responsibility
Job Responsibility
  • Lead cross-functional projects to improve our functionalities to effectively detect and respond to security incidents
  • Review security architecture of large-scale custom and commercial systems and under your own initiative propose logging, detection and prevention controls
  • Perform TTP-based Threat Modeling for a wide variety of assets including endpoints, mobile, servers, internal services, public & private cloud environments and networking equipment
  • Perform analysis against logs from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential threats and detection ideas
  • Build response workflows and actions that auto-resolve false positives and provide context scaling our capacity to investigate
  • Support security incident response in a cross-functional environment and drive incident resolution
  • Design and implement attack testing automation to validate detection coverage
  • Build logging pipelines using our custom datasets and infrastructure
What we offer
What we offer
  • bonus
  • equity
  • benefits
Read More
Arrow Right

Senior Security Engineer, Threat Intelligence

As a Senior Security Engineer specializing in Threat Intelligence on the Detecti...
Location
Location
United States; Canada
Salary
Salary:
156000.00 - 210000.00 USD; CAD / Year
https://www.1password.com Logo
1Password
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in technical security engineering roles
  • 3+ years focused on threat intelligence
  • Strong understanding of modern attacker TTPs, including cloud-native, SaaS, identity-focused, and insider-adjacent threat patterns
  • Experience developing intelligence requirements, prioritization frameworks, analysis workflows, and emulation scenarios
  • Hands-on experience with scripting or automation (e.g., Python, APIs, SOAR workflows) to improve operational efficiency and cross-team execution
  • Ability to produce concise, high-quality written intelligence, including executive-level summaries
  • Familiarity with security telemetry, logs, and investigative workflows used by detection and response teams
  • Willingness to participate in an on-call rotation and support security incidents during high-severity or off-hours events
Job Responsibility
Job Responsibility
  • Research, track, and assess the threat landscape by analyzing relevant threat actors, campaigns, and behaviors affecting 1Password’s attack surface, identity systems, brand, third-party ecosystem, and insider risk scenarios
  • Analyze and prioritize information to develop actionable intelligence that informs detection coverage, hunting activities, and response readiness
  • Partner with Detection Engineering to design and validate threat-based detections, including through adversary emulation, simulation, or controlled testing
  • Use automation and scripting to improve how threat intelligence is collected, enriched, distributed, and actioned across Security workflows
  • Curate and deliver threat intelligence reporting for both technical teams and executive stakeholders
  • Build and maintain repeatable threat intelligence processes, workflows, and documentation that scale with the Detection & Response program
  • Participate directly in security operations by triaging alerts, supporting investigations, managing incidents, and contributing to post-incident learning
What we offer
What we offer
  • Health benefits
  • Dental benefits
  • 401k/RRSP
  • Generous paid time off
  • Equity grant
  • Participation in incentive programs
  • Maternity and parental leave top-up programs
  • RSU program for most employees
  • Retirement matching program
  • Free 1Password account
  • Fulltime
Read More
Arrow Right

Security Engineer

At Etched, building and maintaining a secure yet friction-free computing environ...
Location
Location
United States , San Jose
Salary
Salary:
150000.00 - 250000.00 USD / Year
etched.com Logo
Etched
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-7+ years of experience in security engineering, SOC operations, detection engineering, incident response, or a similar role that blends hands-on technical work with analytical problem solving
  • Strong software engineering skills with Python, Go, Bash, (C and Rust a major plus), including the ability to design, implement, and maintain high-quality code, automation frameworks, services, and integrations that improve security, observability, and operational efficiency
  • Proficiency with SIEM and SOAR platforms, including experience building detections, dashboards, and automated workflows
  • Deep understanding of EDR and XDR platforms, endpoint security hardening, and telemetry collection across macOS, Linux, Windows, and server environments
  • Experience implementing or supporting zero trust architectures, including conditional access, SASE, CASB, and identity-driven access control models
  • Familiarity with IAM and SSO systems such as Okta, Google Workspace, and FreeIPA and the ability to design secure identity, access, and authentication policies
  • Strong networking knowledge, including SDWAN, VPN, IDS and IPS, firewall administration, segmentation strategy, and monitoring of network traffic for anomalies
  • Hands-on experience managing or building security telemetry pipelines, log ingestion frameworks, or observability systems that support both structured and unstructured data
  • Solid understanding of threat modeling, the MITRE ATT and CK framework, attacker tradecraft, and common detection and response patterns
  • Experience performing vulnerability assessments, penetration testing, or secure configuration reviews and collaborating with teams to remediate identified risks
Job Responsibility
Job Responsibility
  • Manage and harden security baselines across on-prem, hybrid, and cloud systems, ensuring strong protection while maintaining speed and usability
  • Integrate telemetry, logging, tracing, and management of structured, semi-structured, and unstructured data across the entire environment to provide unified and comprehensive observability into infrastructure and application activity
  • Lead vulnerability management, patching, and configuration assurance programs to reduce exposure and maintain a consistent security posture
  • Partner with infrastructure, IT, and application teams to strengthen identity, access, and network security through Okta, Google Workspace, and FreeIPA
  • Implement and maintain zero-trust network architectures, SASE controls, CASB solutions, and conditional access policies that protect both users and data across environments to ensure full access and full control of our data and IP regardless of location or device
  • Operate and enhance security operations tooling, including SIEM, SOAR, and EDR/XDR platforms, to ensure comprehensive monitoring and rapid detection of threats
  • Develop and tune detection logic, automation, and playbooks for identifying and responding to threats such as insider activity, lateral movement, and anomalous behavior
  • Investigate and respond to security incidents, performing root-cause analysis, containment, and remediation while coordinating with engineering and IT
  • Build automation, scripts, AI agents, and integrations that streamline monitoring, alerting, and remediation workflows to improve efficiency and reliability
  • Establish metrics, dashboards, and feedback mechanisms to measure detection coverage, response time, and overall security health
What we offer
What we offer
  • Full medical, dental, and vision packages, with generous premium coverage
  • Housing subsidy of $2,000/month for those living within walking distance of the office
  • Daily lunch and dinner in our office
  • Relocation support for those moving to San Jose (Santana Row)
  • Fulltime
Read More
Arrow Right

Senior Sales Engineer

We are looking for a Senior Sales Engineer to drive pre-sales engagement for lar...
Location
Location
India , New Delhi
Salary
Salary:
Not provided
skyhighsecurity.com Logo
Skyhigh Security
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 12+ years in cybersecurity
  • 5+ years in pre-sales or solution engineering supporting large enterprise deals
  • Proven track record engaging CISOs and senior security leadership in complex enterprise environments
  • Hands-on experience with leading cybersecurity platforms such as EDR/XDR, NDR, firewalls, cloud security, Data Security, SIEM, SOAR
  • Experience handling large, distributed enterprise environments (1,000+ endpoints preferred)
  • Industry certifications preferred: CISSP, CISM, CEH, GIAC
  • Deep understanding of endpoint security (EDR/XDR/MDR), Data Security, threat detection & response, malware behavior, network security, and advanced SOC use cases
  • Familiarity with SIEM/SOC operations, threat hunting methodologies, incident response lifecycle, and threat intelligence integration
  • Experience with next-gen firewalls, SASE concepts, cloud workload security (AWS/Azure/GCP), and SaaS security
  • Knowledge of Zero Trust principles, identity-centric security, and modern access models
Job Responsibility
Job Responsibility
  • Lead the technical strategy for Enterprise pursuits including large strategic deals and competitive evaluations
  • Conduct detailed technical discovery, needs assessment, and solution architecture workshops with CISOs, SOC leaders, security architects, and IT stakeholders
  • Design and deliver solution demos, lab scenarios, and POCs aligned to enterprise threat use cases (ransomware, insider threat, cloud compromise, etc.)
  • Act as a trusted cybersecurity advisor to Enterprise security leadership
  • Translate business risk, digital transformation, and compliance requirements into architectural security solutions
  • Align product/platform capabilities (endpoint, network, cloud, Data security) to enterprise security modernization roadmaps
  • Equip sales teams with competitive differentiation, objection handling, and technical win strategy support
  • Validate feasibility, integrations, deployment models, and configurations across hybrid and multi-cloud enterprise environments
  • Support technical evaluations, architecture reviews, and security assessments
  • Drive automation and orchestration use cases with SOC / SIEM, SOAR, AI-driven detection ecosystems
What we offer
What we offer
  • Retirement Plans
  • Medical, Dental and Vision Coverage
  • Paid Time Off
  • Paid Parental Leave
  • Support for Community Involvement
  • Fulltime
Read More
Arrow Right

Principal Security Engineer

The Principal Security Engineer, under the direction of the Director of Security...
Location
Location
United States , Palo Alto
Salary
Salary:
147050.00 - 220800.00 USD / Year
wsgr.com Logo
Wilson, Sonsini, Goodrich & Rosati
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree required
  • 5+ of experience in Information Security
  • One or more of the following certifications preferred: GIAC, CISSP, CISM, CEH, CIPP
  • Focus on knowledge of direct support for Security Information and Event Management (SIEM) systems (e.g. configuration of feeds, developing alarm/report concepts), Red Teaming concepts and execution, and Linux skills including command line and operational/administrative usage
  • Extensive knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, antivirus and firewalls, in addition to newer offerings such as endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration, deception technologies and application controls
  • Experience with windows desktop, server, and database security
  • Ability to identify security technology risks and perform incident response
  • Extensive knowledge of TCP/IP networking including wireless, network monitoring/design and routing
  • Extensive understanding of the cyber kill-chain
  • Experience in cloud computing technologies, including software-, infrastructure and platform-as-a-service, as well as public, private, and hybrid environments
Job Responsibility
Job Responsibility
  • Provide subject matter expertise in information security as it relates to networks and systems
  • Manage the Firm’s security technology including but not limited to: anti-virus, vulnerability scanning, intrusion detection, content filtering, and insider threat systems
  • Review security events from all monitoring environments not integrated with the firm SIEM, and those events escalated by the SOC, on a daily basis, and follow defined incident response processes in their analysis and reporting
  • Monitor appropriate venues for threats to the security of the Wilson Sonsini Goodrich & Rosati environment. Provide notification to all impacted parties related to the actions needed to mitigate threats and manage the threat lifecycle in totality
  • Manage and lead evaluations of the firm’s environment by external 3rd parties. Produce recommendations that integrate any findings with the business needs of the firm
  • Maintain knowledge of the information security needs of firm clients and implement measures to satisfy those requirements in the most efficient manner
  • Keep abreast of emerging security technologies and discipline developments. Make appropriate recommendations that meet the firms needs
  • Design and build operational environments that scale to meet the needs of our security products and assure appropriate reliability
  • Support general troubleshooting related to information security tasks and provide support to end users as needed
  • Provide other teams with security consulting services, including responding to requests for additional information and assisting with specific projects
What we offer
What we offer
  • discretionary year-end merit bonus based on performance
  • highly competitive salary and benefits package
  • Fulltime
Read More
Arrow Right

Staff Security Risk and Compliance Program Manager

We are seeking a highly experienced and technically proficient Staff Risk & Comp...
Location
Location
United States
Salary
Salary:
213200.00 - 250500.00 USD / Year
confluent.io Logo
Confluent
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of experience in security program management
  • At least 5 years dedicated to Insider Threat, Corporate Security, or Data Loss Prevention (DLP) programs
  • Deep technical understanding of security controls, network architecture, endpoint security, cloud environments (e.g., AWS, Azure, GCP), and User and Entity Behavior Analytics (UEBA) or similar advanced detection technologies
  • Experience with evaluating & implementing identity & access management tools, endpoint security platforms, data loss prevention tools
  • Familiarity with forensic analysis techniques and legal hold processes related to electronic evidence
  • Strong project management and organizational skills
  • Exceptional analytical and problem-solving skills, with a data-driven approach to decision-making
  • Experience in running long-term, complex security programs that deliver iterative improvements and risk reduction
  • Excellent written and verbal communication skills
  • The ability to influence and lead without direct authority
Job Responsibility
Job Responsibility
  • Define and drive the multi-year technical roadmap for the Insider Threat program, focusing on advanced detection methods, behavioral analytics, technical countermeasures, and integration with existing security and IT infrastructure
  • Lead the planning, execution, and delivery of complex, multi-functional technical projects within the Insider Threat domain
  • Act as the primary liaison between Trust & Security and key partners and stakeholders
  • Translate operational needs and intelligence into clear technical requirements and specifications for engineering implementation
  • Drive the selection, deployment, and optimization of technical tools and platforms such as DLP, endpoint security platform, to identify, score, and alert on anomalous or high-risk user behavior
  • Partner with Legal and HR to ensure all technical controls and monitoring capabilities are compliant with global privacy laws, company policies, and ethical guidelines
  • Establish and refine the technical incident response and mitigation processes for insider threats
  • Develop metrics and dashboards to track program effectiveness & and technical control performance
  • Develop training content, ensure employees understand the expectations of Acceptable User Policy
What we offer
What we offer
  • Remote-First Work
  • Robust Insurance Benefits
  • Flexible Time Away
  • The Best Teammates
  • Experience Ambassadors
  • Open and Honest Culture
  • Well-Being and Growth
  • Offers Equity
  • Fulltime
Read More
Arrow Right

Software Engineer II

We are seeking a skilled software engineer to join our team and help implement a...
Location
Location
Czech Republic , Multiple Locations
Salary
Salary:
Not provided
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Computer Science or related technical field AND technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python
  • OR equivalent experience.
Job Responsibility
Job Responsibility
  • AI-Native Development: Improves artificial intelligence (AI) tools and practices across the software development lifecycle (SDLC)
  • Proactively takes responsibility for the content of their AI-generated requirements, design documents, code, and other assets, assisting other members of the team to do the same
  • Incorporates Responsible AI practices into the SDLC to ensure appropriate controls over AI-generated assets
  • Applies SDLC and engineering health measures (e.g., Accelerate, SPACE framework, Engineering System Success Playbook [ESSP]) to guide improvements to processes and practices, especially those involving AI
  • Experiments with AI tools and practices to improve their own capabilities, and provides recommendations on how to adopt them to other members of the team.
  • Coding: Leads by example across teams and mentors others to produce extensible, maintainable, well-tested, secure, and performant code used across products that adheres to design specifications
  • Leads efforts to continuously improve code performance, testability, maintainability, effectiveness, and cost, while learning about and accounting for relevant trade-offs
  • Identifies best practices and coding patterns (e.g., leveraging state-of-the-art generative artificial intelligence [GenAI], approaches to source code organization, naming conventions) and provides deep expertise in the coding and validation strategy
  • Creates and applies metrics to drive code quality and stability, appropriate coding patterns, and best practices
  • Identifies and anticipates blockers or unknowns during the development process, escalates them, communicates how they will impact timelines, and then leads efforts to identify and implement strategies and/or opportunities to address them.
  • Fulltime
Read More
Arrow Right
Remote jobs Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog Salaries About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy