UpJobz
Start free trial
87 remote roles added today376 active tech employers🇺🇸 🇨🇦 🇲🇽 Tri-border network749 metros covered12 database updates this hourTN visa filter live87 remote roles added today376 active tech employers🇺🇸 🇨🇦 🇲🇽 Tri-border network749 metros covered12 database updates this hourTN visa filter live
Jobs/San Francisco/Technical Threat Investigator, Threat Intel Engineering
San Francisco, CA

Technical Threat Investigator, Threat Intel Engineering

About the Team Security is at the foundation of OpenAI’s mission to ensure that artificial general intelligence benefits all of humanity. The Threat Intelligence team protects OpenAI’s technology, people, research, and infrastructure by proactively identifying and disrupting adversaries who seek to compromise our syste

Open employer applicationBack to listings
Company
OpenAI
Compensation
$234K - $385K
Schedule
Full-Time
Role overview

What this role actually needs.

About the Team Security is at the foundation of OpenAI’s mission to ensure that artificial general intelligence benefits all of humanity. The Threat Intelligence team protects OpenAI’s technology, people, research, and infrastructure by proactively identifying and disrupting adversaries who seek to compromise our syste Responsibilities: - Conduct deep, end-to-end investigations into sophisticated threat actors interacting with OpenAI’s models, products, and broader ecosystem. - Think like an adversary — model attacker behavior, anticipate misuse patterns, and proactively hunt for, identify, and disrupt malicious activity. - Leverage internal telemetry, OSINT, vendor data, and in-house safety systems to produce high-confidence findings on adversarial use of our models in cyber operations, platform abuse, and threats targeting OpenAI. - Translate investigative findings into concrete improvements across detection, enforcement, intel, and safety pipelines. - Build tooling, scripts, automations, and agentic workflows that scale investigative throughput and reduce manual effort. - Prototype solutions in ambiguous and emerging problem spaces, including new product surfaces, novel attacker behaviors, and areas where existing coverage may be limited. Benefits: - Conduct deep, end-to-end investigations into sophisticated threat actors interacting with OpenAI’s models, products, and broader ecosystem. - Think like an adversary — model attacker behavior, anticipate misuse patterns, and proactively hunt for, identify, and disrupt malicious activity. - Leverage internal telemetry, OSINT, vendor data, and in-house safety systems to produce high-confidence findings on adversarial use of our models in cyber operations, platform abuse, and threats targeting OpenAI. - Translate investigative findings into concrete improvements across detection, enforcement, intel, and safety pipelines. - Build tooling, scripts, automations, and agentic workflows that scale investigative throughput and reduce manual effort. - Prototype solutions in ambiguous and emerging problem spaces, including new product surfaces, novel attacker behaviors, and areas where existing coverage may be limited. Company context: OpenAI builds frontier AI systems, research infrastructure, and applied products for developers, enterprises, and global users.

Responsibilities

Day-to-day expectations

OpenAI lists these responsibilities for the Technical Threat Investigator, Threat Intel Engineering role.

  • Conduct deep, end-to-end investigations into sophisticated threat actors interacting with OpenAI’s models, products, and broader ecosystem.
  • Think like an adversary — model attacker behavior, anticipate misuse patterns, and proactively hunt for, identify, and disrupt malicious activity.
  • Leverage internal telemetry, OSINT, vendor data, and in-house safety systems to produce high-confidence findings on adversarial use of our models in cyber operations, platform abuse, and threats targeting OpenAI.
  • Translate investigative findings into concrete improvements across detection, enforcement, intel, and safety pipelines.
  • Build tooling, scripts, automations, and agentic workflows that scale investigative throughput and reduce manual effort.
  • Prototype solutions in ambiguous and emerging problem spaces, including new product surfaces, novel attacker behaviors, and areas where existing coverage may be limited.
Benefits

Why people would want this job

OpenAI published these compensation, benefits, or working-context details with the role.

  • Conduct deep, end-to-end investigations into sophisticated threat actors interacting with OpenAI’s models, products, and broader ecosystem.
  • Think like an adversary — model attacker behavior, anticipate misuse patterns, and proactively hunt for, identify, and disrupt malicious activity.
  • Leverage internal telemetry, OSINT, vendor data, and in-house safety systems to produce high-confidence findings on adversarial use of our models in cyber operations, platform abuse, and threats targeting OpenAI.
  • Translate investigative findings into concrete improvements across detection, enforcement, intel, and safety pipelines.
  • Build tooling, scripts, automations, and agentic workflows that scale investigative throughput and reduce manual effort.
  • Prototype solutions in ambiguous and emerging problem spaces, including new product surfaces, novel attacker behaviors, and areas where existing coverage may be limited.
UpJobz market context

Why this listing is more than a copied job post.

Technical Threat Investigator, Threat Intel Engineering is framed against UpJobz source checks, country scope, compensation visibility, and work-authorization signals so candidates can make a faster go/no-go decision.

United States tech market

United States roles on UpJobz are filtered for high-tech relevance, source freshness, and actionable employer detail before they are allowed into SEO surfaces.

Compensation read

$234K - $385K is visible before the click, so candidates can compare the role against local market expectations before applying.

Work authorization read

Current extracted signal: United States residents. UpJobz treats this as a search signal, not legal advice, and links visa-sensitive roles back to the relevant visa hub where possible.

Location read

Because this is remote, country scope and time-zone expectations matter as much as the title. Confirm the employer's allowed work locations on jobs.ashbyhq.com.

Browse similar jobs

Subscriber playbook

Turn this listing into an application plan.

This is the first pass at the premium UpJobz layer: a fast brief that helps serious applicants move with more clarity.

Next moves

  • Tailor your resume around ai and llm instead of sending a generic application.
  • Use the first two bullets of your application to connect your background directly to technical threat investigator, threat intel engineering is a high-signal remote role in san francisco, and it is most realistic for united states residents.
  • Open the role quickly if it fits and bookmark three similar jobs before you leave the page.

Interview themes

CybersecurityRemoteaillmresearchaws

Watchouts

  • $234K - $385K is visible, so calibrate your application around the posted range.
  • Use united states residents as part of your positioning so the recruiter does not have to infer it.
  • Lead with distributed collaboration, async delivery, and timezone discipline.
Role signals

Keywords to match against your background

Use these terms to decide whether your resume, portfolio, and recent projects line up with the role.

aillmresearchawssecurityplatformapipythoninfrastructure
Next step

Apply through the employer source

Open the source listing from jobs.ashbyhq.com, confirm the role is still active, then apply on the employer or ATS page.

Open employer application

Source: jobs.ashbyhq.com · Source ID: f01b7084-a68d-4e30-ace9-6b5e6d90c517 · Confidence: 97/100 · Last checked: May 7, 2026

How UpJobz verifies job sourcesContinue browsing tech jobs