Software Engineer, Codex Security
openai
Create a free account in 30 seconds: you also get the AI match score with your CV.
Description
About the Team
Codex is OpenAI's software engineering agent. Codex Security extends that work into one of the most important product areas in AI: helping organizations find, validate, prioritize, and fix real vulnerabilities in the software they build and depend on.
The Codex Cyber team is building the product and platform foundations for AI-native application security. This includes Codex Security product experiences, cloud-based security analysis, platform controls across Codex, customer deployment and support tooling, and infrastructure that helps security researchers and cyber models improve over time. The team is early, small, and growing quickly, with a mandate to move fast and hire exceptional builders.
About the Role
We are looking for software engineers first: strong full-stack or product-minded generalists who can own ambiguous product and platform problems end to end. Security experience is helpful, and security curiosity is important, but this is not a role for security specialists who only occasionally write code. The right person is an excellent builder who is excited to work in security and can turn complex research, product, and customer needs into reliable systems.
You will work across user-facing product surfaces, developer workflows, backend services, security analysis pipelines, cloud infrastructure, and internal tooling. You may build features that make Codex Security more useful for application security teams, systems that scale cloud-based security analysis, platform controls that make agentic coding safer, or infrastructure that helps security researchers and models become more effective. You will collaborate closely with engineering, product, security research, infrastructure, and customer-facing partners as Codex Cyber becomes a major product and platform investment for OpenAI.
In this role, you will:
Build end-to-end product features for Codex Security, from developer-facing interfaces to APIs, backend services, and workflow tooling.
Own ambiguous 0-to-1 projects across product pods, platform security controls, customer deployment workflows, and cyber model infrastructure.
Translate security research and model capabilities into intuitive workflows that help teams find, validate, prioritize, and remediate vulnerabilities with high signal.
Design scalable, observable systems for long-running analyses across large codebases and enterprise environments.
Partner with product, security research, infrastructure, and customer-facing teams to iterate quickly from real-world feedback.
Help shape the technical direction and architecture of Codex Cyber as the team and product surface area grow.
You might thrive in this role if you:
Are an excellent software engineer with strong fundamentals and enough range to work across product, backend, infrastructure, and developer tooling.
Enjoy building high-quality product and platform experiences across the full stack.
Are high-agency, low-drama, and comfortable owning features from concept to production in a fast-moving environment.
Have built developer tools, workflow-heavy platforms, security products, internal infrastructure, or product features for technical users.
Have strong product instincts and care about making complex technical systems understandable and useful.
Are excited by security and AI. Direct experience in product security, application security, vulnerability research, defensive security, identity, SSO, or secure developer workflows is a plus, not a requirement.
Like ambiguous 0-to-1 work and can turn messy requirements into crisp, scalable systems.
Goals & impact
Build AI-native security products that help users find and fix important vulnerabilities in real software systems before attackers do.
Increase the usefulness and trustworthiness of Codex Security by turning research insights into dependable workflows, product surfaces, platform controls, and remediation tooling.
Help define a new category of security tooling where models reason over real code, validate exploitability, and propose fixes directly in developer workflows.
Key technical challenges
Combining model outputs, security analysis, and user workflows into one cohesive product experience.
Designing high-confidence validation and remediation flows that distinguish real issues from noisy or speculative findings.
Scaling product and platform infrastructure for large repositories, complex enterprise environments, and long-running analyses.
Creating developer-friendly interfaces and APIs that make advanced security capabilities understandable and actionable.
Building platform controls and internal systems that help Codex Cyber move quickly while meeting OpenAI's bar for safety, security, and reliability.
About OpenAI
OpenAI is an AI research and deployment company dedicated to ensuring that general-purpose artificial intelligence benefits all of humanity. We push the boundaries of the capabilities of AI systems and seek to safely deploy them to the world through our products. AI is an extremely powerful tool that must be created with safety and human needs at its core, and to achieve our mission, we must encompass and value the many different perspectives, voices, and experiences that form the full spectrum of humanity.
We are an equal opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, sex, sexual orientation, age, veteran status, disability, genetic information, or other applicable legally protected characteristic.
For additional information, please see OpenAI’s Affirmative Action and Equal Employment Opportunity Policy Statement.
Background checks for applicants will be administered in accordance with applicable law, and qualified applicants with arrest or conviction records will be considered for employment consistent with those laws, including the San Francisco Fair Chance Ordinance, the Los Angeles County Fair Chance Ordinance for Employers, and the California Fair Chance Act, for US-based candidates. For unincorporated Los Angeles County workers: w
TalentyGo is an aggregator of job postings from public sources. Always verify information directly with the company. Applications go through the original company website; TalentyGo does not manage hiring processes.