ABOUT THE TEAM
Security is at the foundation of OpenAI's mission to ensure that artificial general intelligence benefits all of humanity. The Identity Infrastructure Engineering team sits at the core of this effort, designing and building the identity and access management solutions that protect model weights, customer data, and critical systems across multiple cloud environments.
The team partners across OpenAI, including Applied Engineering, Research, IT, Security, Infrastructure, and Engineering, to provide secure and scalable platforms for identity, access management, permissioning, orchestration, and safe AI research.
ABOUT THE ROLE
We’re looking for an engineering leader to lead Identity Infrastructure Engineering, the team building the systems that govern and scale access across OpenAI’s research, engineering, and internal platforms.
This role sits at the center of cloud infrastructure, identity, software engineering, and security-critical operations. You’ll lead engineers building control planes, policy systems, workload and agent authorization patterns, infrastructure-as-code, and operational foundations that help OpenAI move quickly while keeping access reliable, auditable, least-privileged, and safe under failure.
The ideal candidate has led teams responsible for large-scale, mission-critical infrastructure. They can go deep into code and architecture when needed, while giving engineers and technical leads the clarity and ownership to do their best work. They set technical direction, grow strong teams, make durable architecture decisions, and turn ambiguous 0-to-1 problems into platforms OpenAI can trust and build on for years.
IN THIS ROLE, YOU WILL
- Build and lead a high-performing Identity Infrastructure team, going deep enough technically to set direction while empowering the team to own delivery.
- Define the strategy for the identity platform as the policy plane for access across people, agents, workloads, services, clouds, and internal systems.
- Scale Access Manager for evolving human and agent lifecycles, making routine access automatic and sensitive access contextual, time-bound, and accountable.
- Build the access graph and resource catalog that make access decisions explainable, risk-aware, and grounded in ownership, sensitivity, environment, and usage.
- Replace broad standing privilege with risk-tiered access, so routine work stays fast, privileged access is narrow and observable, and break-glass is exceptional.
- Establish first-class authorization for agents and workloads, with delegated, action-scoped permissions, time-bound access, full attribution, and no credential sharing.
- Partner across Security, Infrastructure, Applied, Research, IT, and product to turn identity standards into systems teams trust and adopt.
- Operate identity infrastructure as a mission-critical platform, with clear reliability goals, safe rollouts, strong observability, healthy on-call, and rigorous incident learning.
- Measure success by safer, faster, and more accountable access: reduced unnecessary privilege, stronger governance, broader coverage, clearer auditability, and less friction for legitimate work.
YOU MIGHT THRIVE IN THIS ROLE IF YOU
- Have 10+ years building and developing engineering teams that own large-scale platforms.
- Have experience owning security-critical production systems where reliability, least privilege, auditability, and operational rigor are essential.
- Have deep judgment across cloud infrastructure, IAM, authentication, authorization, workload identity, privileged access, and policy enforcement.
- Have the hands-on technical depth to go into code and architecture, pressure-test designs, and guide tradeoffs across correctness, performance, scale, and operability.
- Have a track record of turning complex infrastructure problems into adopted platforms across Engineering, Security, Research, and internal teams.
- Have a high bar for engineering quality, operational discipline, and long-term owne