Technical Lead, Host Assurance

About the Team

Security is foundational to OpenAI's mission to ensure that artificial general intelligence benefits all of humanity.

The Security organization protects OpenAI's technology, people, and products by building and operating deeply technical systems that must work reliably at massive scale. Our work underpins OpenAI's commitments around safety, privacy, and security across research, products, and emerging platforms.

The Host Assurance team exists to make bare metal a dependable, scalable foundation for OpenAI: secure by default, verifiable in practice, and resilient across providers and operating models. We operate at the trust boundary between physical hardware and cloud-scale orchestration, ensuring that hosts are eligible to safely run workloads with predictable security properties and auditability.

OpenAI is seeking a Technical Lead, Host Assurance to own and scale the trust foundations for bare-metal platforms across OpenAI's global infrastructure. This is a player-coach role for a deeply hands-on builder and proven people leader who owns the Host Assurance charter end-to-end
-designing, building, and operating the core security infrastructure that establishes trust in hardware platforms before they are eligible to run workloads.

Success in this role requires deep technical credibility, strong judgment under pressure, and the ability to partner effectively across infrastructure, research, and security teams without becoming a bottleneck to execution. The systems you build sit on the critical path of OpenAI's frontier infrastructure investments and directly shape how unprecedented amounts of compute are brought online-securely, responsibly, and at global scale-underpinning long-lived commitments around privacy, security, and reliability.

You will lead a small, highly senior team while staying deeply engaged in architecture, implementation, and operational readiness. At OpenAI, leadership is earned through building and shipping, reflected in durable systems and the teams you grow. The role partners closely with infrastructure, research, and confidential initiatives-including novel hardware platforms and emerging deployment models-and requires hands-on technical leadership to make the secure path the easiest path, rather than just focusing purely on policy enforcement or people management.

• Own host assurance outcomes by defining and evolving the baseline security properties required for bare-metal hosts to be eligible for production use.

• Ensure hosts are verifiably trustworthy from delivery and installation through secure bootstrap and readiness to join orchestration systems.

• Design, implement, and operate the Host Assurance platform, including: HSM-backed services and key-management infrastructure, PKI and certificate-issuance systems that eliminate static credentials, and host identity, attestation, and measurement tooling.

• Validate delivered hardware and firmware against vendor claims and continuously detect and manage drift over time.

• Eliminate insecure bootstrap patterns while preserving deployment throughput and operational reliability. Partner with provisioning, fleet, and orchestration teams to deliver paved paths where the secure approach is the easiest approach.

• Set and uphold a high bar for reliability, resilience, and operational hygiene across foundational trust services. Lead incident response and post-incident learning when issues arise, driving systemic improvements that keep these systems dependable at scale.

• Lead, mentor, and directly manage a small team of senior engineers across PKI, operating systems, hardware security, and platform engineering. Hire and scale the Host Assurance function deliberately and proportionately as OpenAI's compute footprint and platform ambitions grow.

• Act as a hands-on technical leader, establishing architecture, writing and reviewing code, and setting engineering standards through example.

• Hold a consistent bar on security outcomes across providers and operating models while adapting to shared-responsibility boundaries with partner orgs.

• Have built and scaled deeply technical security or infrastructure teams in prior roles, with direct people-management responsibility.

• Have led senior engineers and earned credibility through hands-on technical leadership.

• Have deep experience with PKI, HSMs, machine identity, host attestation, secure boot, or hardware-rooted trust.

• Have built and operated security-critical infrastructure that sits on the critical path for large-scale production systems.

• Are comfortable owning low-level, high-impact systems where correctness, reliability, and scale matter deeply.

• Balance rigor with pragmatism, enabling teams to move quickly without compromising foundational trust.

• Earn trust through delivery - building, operating, and improving systems yourself when it matters most.

• Are energized by ambiguous problems, rapid growth, and building infrastructure that shapes the…