Principal Software Engineer, Codex Cyber

OpenAI OpenAI · AI Frontier · San Francisco, CA · Applied AI

This role involves building AI systems and products for cybersecurity, focusing on understanding and responding to threats, improving model safety in sensitive settings, and collaborating across product engineering, model training, evaluations, and deployment. The role requires defining and executing technical roadmaps, working with customers and partners, shaping model training and access patterns, and building/validating systems for measuring cyber capabilities and monitoring misuse risk.

What you'd actually do

  1. Help define and execute the technical roadmap for Codex Cyber’s security products, including evaluations, safeguards, trusted-defender workflows, and deployment decisions.
  2. Work with trusted defenders, customers, and partner teams to understand cyber use cases, evaluate risk, and turn feedback into product and research priorities.
  3. Shape cyber-specific model training and access patterns, including data, evaluations, validation, and deployment criteria.
  4. Build and validate systems for measuring cyber capabilities, monitoring misuse risk, and proving safeguards work in practice.
  5. Collaborate with Safety/Preparedness, Research, Security, Legal, Communications, Go-to-Market, and external partners on company-wide cyber priorities.

Skills

Required

  • Python
  • TypeScript/JavaScript
  • ML systems
  • security products
  • cyber evaluations
  • model training
  • safety engineering
  • trusted customer deployments

Nice to have

  • 10+ years of experience

What the JD emphasized

  • security products
  • evaluations
  • safeguards
  • model training
  • trusted defenders
  • cyber capabilities
  • misuse risk
  • deployment decisions
  • security-sensitive settings

Other signals

  • AI systems and products for cyber threat understanding and response
  • Improving safety and reliability of frontier models in security-sensitive settings
  • Model training, evaluations, safeguards, and deployment
  • Assessing cyber capabilities, validating safeguards, and improving training data