About the position
As a Compliance Engineer at OpenAI, you will play a crucial role in implementing security and compliance controls across the organization. Working closely with various teams, including Engineering, HR, Legal, and Privacy, you will ensure that these controls are seamlessly integrated and support a robust approach to risk management. Your responsibilities will include navigating complex regulatory frameworks, designing practical compliance controls, managing audits, and optimizing organizational processes. This role requires a high level of accountability, a focus on execution, and the ability to collaborate effectively across departments. If you have experience in leading compliance audits, a strong understanding of security and privacy standards, and a background in cloud infrastructure, this role may be a great fit for you.
Responsibilities
- Partner with engineering teams to implement and audit OpenAI's security controls across products, infrastructure, and internal processes.
- Work closely with teams at OpenAI to shape controls and enable an agile approach to risk management across the organization.
- Directly facilitate operational, regulatory, and certification security requirements (e.g., SOC2, ISO, NIST 800-53, etc.) and manage audits to successful outcomes.
- Design and build automation for compliance and security controls.
- Design efficient organizational processes to enable compliance across the organization.
- Align across departments on the roadmaps for implementation of processes and controls.
Requirements
- Experience leading third-party compliance audits and control implementation (SOC2, ISO, HIPAA, NIST, etc.).
- A robust understanding of security and privacy compliance and regulatory standards.
- Deep understanding of cloud infrastructure and security concepts, including experience with managing compliance requirements against distributed systems.
- Ability to partner with engineering teams to implement and audit security controls across products, infrastructure, and internal processes.
- Proficiency in designing and building automation for compliance and security controls.
- Strong skills in designing efficient organizational processes to enable compliance across the organization.
- Ability to facilitate operational, regulatory, and certification security requirements (e.g., SOC2, ISO, NIST 800-53, etc.) and manage audits.
- Experience in aligning across departments on the roadmaps for implementation of processes and controls.
- Strong problem-solving and decision-making skills with a focus on execution.
- Excellent communication and collaboration skills to work effectively with various teams.
- High accountability, ability to work in a high-expectation environment, and a commitment to producing the best solutions.
- Openness to new ideas and willingness to accept and respond to feedback.
Benefits
- Medical, dental, and vision insurance for you and your family
- Mental health and wellness support
- 401(k) plan with 4% matching
- Unlimited time off and 18+ company holidays per year
- Paid parental leave (20 weeks) and family-planning support
- Annual learning & development stipend ($1,500 per year)