You'll conduct hands-on penetration testing, lead red team engagements, and collaborate with blue team counterparts to validate and improve detection and response capabilities. Your work will directly influence how Stripe builds, ships, and secures financial infrastructure used by millions of businesses worldwide.

Responsibilities:

Conduct comprehensive penetration tests across web applications, APIs, cloud environments (AWS/GCP/Azure), mobile applications, and internal infrastructure.

Plan and execute red team engagements that emulate the TTPs of cyber and criminal threat actors targeting financial services, including initial access, lateral movement, persistence, and data exfiltration scenarios.

Perform assumed-breach and objective-based assessments to test detection and response capabilities in coordination with defensive teams.

Partner with detection engineering, threat intelligence, and incident response teams to validate security controls, identify coverage gaps, and improve detection fidelity.

Contribute adversary tradecraft insights to inform detection rule development, threat hunting hypotheses, and incident response playbooks.

Support incident investigations by providing offensive expertise, log analysis, and root cause analysis when required.

Design, develop, and maintain custom offensive tools, scripts, and automation frameworks to enhance assessment efficiency and coverage.

Build internal platforms and workflows that enable scalable, repeatable offensive operations.

Contribute to internal security tooling repositories and champion engineering best practices within the team.

Automate repetitive testing tasks, payload generation, and reporting workflows using modern development practices.

Produce clear, actionable reports that communicate technical findings, business risk, and remediation guidance to both technical and non-technical stakeholders.

Act as a subject-matter expert and primary point of contact for stakeholder teams engaged in offensive security programs and Stripe-wide security initiatives.

Lead offensive security projects end-to-end, mentor junior team members, and foster a culture of continuous learning and knowledge sharing.

Stay current with emerging threats, vulnerabilities, and attack techniques; share research internally and contribute to the broader security community.

XML job scraping automation by YubHub

The base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. If the role is non-exempt, overtime pay will be provided consistent with applicable laws. In addition to the salary range listed above, total compensation also includes generous equity, performance-related bonus(es) for eligible employees, and the following benefits.

• Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts

• Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)

• 401(k) retirement plan with employer match

• Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)

• Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees

• 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)

• Mental health and wellness support

• Employer-paid basic life and disability coverage

• Annual learning and development stipend to fuel your professional growth

• Daily meals in our offices, and meal delivery credits as eligible

• Relocation support for eligible employees

• Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided.

About the Team

OpenAI’s Platform and Infrastructure Engineering organization advances the mission of deploying artificial general intelligence (AGI) for the benefit of all by delivering secure, scalable, and resilient technology solutions. Our team builds and maintains robust infrastructure that safeguards OpenAI’s data and systems while ensuring employees are well-equipped and seamlessly connected. By prioritizing security, reliability, and user-centric solutions, we empower OpenAI employees to drive impactful AI research, corporate operations, and product innovation.

About the Role

As a Client Platform Engineer at OpenAI, you will play a pivotal role in securing, enhancing, and maintaining our endpoint management infrastructure across macOS, Windows, iOS, and Android devices. Your focus will be on building scalable, automated solutions that ensure seamless deployments, advanced security configurations, and efficient operational workflows. You will collaborate closely with IT, Security, and Engineering teams to implement modern endpoint management practices using automation, Infrastructure-as-Code (IaC), and monitoring strategies. This role offers an opportunity to work with cutting-edge tools and contribute to building a security-first, automation-driven endpoint ecosystem.

In this role, you will:

• Design, build, implement, and maintain scalable and performant endpoint management infrastructure to facilitate best-in-class security of the OpenAI fleet comprised of macOS, Windows, iOS, and Android endpoints.

• Deliver critical endpoint management efficiencies and capabilities through bespoke software development and implementation of both industry-standard open source tooling and first-party software solutions.

• Employ modern Infrastructure-as-Code (IaC) methodologies, develop GitOps-driven solutions to deliver consensus-based fleet management capabilities at scale.

• Build and maintain CI/CD pipelines for fleet management infrastructure, deploying to progressively tested environments across multiple clouds (Azure, AWS, GCP).

• Drive initiatives to adopt emerging CPE technologies, industry best practices, and optimize processes for scalability and operational efficiency.

• Partner with cross-functional teams to ensure seamless endpoint user experiences while maintaining strict security standards and continually increasing the bar.

You may be a fit for this role if you have:

• Proficiency in a modern programming language (Python, Golang, Ruby, etc.)

• Extensive hands-on experience with Jamf PRO and Microsoft Intune to ensure comprehensive secure fleet management as well as experience with similar cloud identity providers.

• Demonstrated success and experience with open source endpoint management tooling for configuration management, mobile device management, application management, and telemetry such as Salt, Puppet, Munki, Nano/MicroMDM, osquery, Autopkg, WinGet, etc.

• History of developing and delivering secure, reliable, scalable, and technology solutions.

• Deep knowledge and experience managing corporate infrastructure at scale with Infrastructure-as-Code (IaC) practices & GitOps workflows (Terraform, Ansible, Chef, etc.)

• Experience integrating and operating fleet management infrastructure with CI/CD pipelines and DevOps workflows.

• Proven track record of deploying and operating fleet management infrastructure in public cloud environments (Azure, AWS, GCP).

• A self-starter with strong analytical and problem-solving skills.

You might thrive in this role if you have:

• Deep experience with open-source fleet management tools and frameworks.

• Experience with containerization technologies such as Docker and Kubernetes.

• Familiarity with compliance frameworks such as SOC 2, ISO 27001, FedRAMP, and NIST.

• Strong soft skills, including stakeholder communication and cross-functional collaboration.

• Relevant professional certifications such as CISSP, CISA, CISM, CCSP.

• A security thought leader with contributions to CPE open-source projects or technical communities.

About OpenAI

OpenAI is an AI research and deployment company dedicated to ensuring that general-purpose artificial intelligence benefits all of humanity. We push the boundaries of the capabilities of AI systems and seek to safely deploy them to the world through our products. AI is an extremely powerful tool that must be created with safety and human needs at its core, and to achieve our mission, we must encompass and value the many different perspectives, voices, and experiences that form the full spectrum of humanity.

We are an equal opportunity employer, and we do not discriminate on the basis of

XML job scraping automation by YubHub

We are seeking a Client Platform Engineer to join our team at OpenAI. As a Client Platform Engineer, you will play a pivotal role in securing, enhancing, and maintaining our endpoint management infrastructure across macOS, Windows, iOS, and Android devices.

About the Team

OpenAI's Platform and Infrastructure Engineering organization advances the mission of deploying artificial general intelligence (AGI) for the benefit of all by delivering secure, scalable, and resilient technology solutions. Our team builds and maintains robust infrastructure that safeguards OpenAI's data and systems while ensuring employees are well-equipped and seamlessly connected.

About the Role

As a Client Platform Engineer at OpenAI, you will collaborate closely with IT, Security, and Engineering teams to implement modern endpoint management practices using automation, Infrastructure-as-Code (IaC), and monitoring strategies. You will design, build, implement, and maintain scalable and performant endpoint management infrastructure to facilitate best-in-class security of the OpenAI fleet comprised of macOS, Windows, iOS, and Android endpoints.

Responsibilities

• Design, build, implement, and maintain scalable and performant endpoint management infrastructure to facilitate best-in-class security of the OpenAI fleet comprised of macOS, Windows, iOS, and Android endpoints.

• Deliver critical endpoint management efficiencies and capabilities through bespoke software development and implementation of both industry-standard open source tooling and first-party software solutions.

• Employ modern Infrastructure-as-Code (IaC) methodologies, develop GitOps-driven solutions to deliver consensus-based fleet management capabilities at scale.

• Build and maintain CI/CD pipelines for fleet management infrastructure, deploying to progressively tested environments across multiple clouds (Azure, AWS, GCP).

• Drive initiatives to adopt emerging CPE technologies, industry best practices, and optimize processes for scalability and operational efficiency.

• Partner with cross-functional teams to ensure seamless endpoint user experiences while maintaining strict security standards and continually increasing the bar.

Requirements

• Proficiency in a modern programming language (Python, Golang, Ruby, etc.)

• Extensive hands-on experience with Jamf PRO and Microsoft Intune to ensure comprehensive secure fleet management as well as experience with similar cloud identity providers.

• Demonstrated success and experience with open source endpoint management tooling for configuration management, mobile device management, application management, and telemetry such as Salt, Puppet, Munki, Nano/MicroMDM, osquery, Autopkg, WinGet, etc.

• History of developing and delivering secure, reliable, scalable, and technology solutions.

• Deep knowledge and experience managing corporate infrastructure at scale with Infrastructure-as-Code (IaC) practices & GitOps workflows (Terraform, Ansible, Chef, etc.)

• Experience integrating and operating fleet management infrastructure with CI/CD pipelines and DevOps workflows.

• Proven track record of deploying and operating fleet management infrastructure.

Benefits

• Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts

• Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)

• 401(k) retirement plan with employer match

• Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)

• Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees

• 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)

• Mental health and wellness support

• Employer-paid basic life and disability coverage

• Annual learning and development stipend to fuel your professional growth

• Daily meals in our offices, and meal delivery credits as eligible

• Relocation support for eligible employees

• Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided.

XML job scraping automation by YubHub

Client Platform Engineer

Location

San Francisco

Employment Type

Full time

Department

IT

Compensation

• $230K – $325K • Offers Equity

The base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. If the role is non-exempt, overtime pay will be provided consistent with applicable laws. In addition to the salary range listed above, total compensation also includes generous equity, performance-related bonus(es) for eligible employees, and the following benefits.

• Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts

• Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)

• 401(k) retirement plan with employer match

• Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)

• Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees

• 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)

• Mental health and wellness support

• Employer-paid basic life and disability coverage

• Annual learning and development stipend to fuel your professional growth

• Daily meals in our offices, and meal delivery credits as eligible

• Relocation support for eligible employees

• Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided.

More details about our benefits are available to candidates during the hiring process.

This role is at-will and OpenAI reserves the right to modify base pay and other compensation components at any time based on individual performance, team or company results, or market conditions.

About the Team

OpenAI’s Platform and Infrastructure Engineering organisation advances the mission of deploying artificial general intelligence (AGI) for the benefit of all by delivering secure, scalable, and resilient technology solutions. Our team builds and maintains robust infrastructure that safeguards OpenAI’s data and systems while ensuring employees are well-equipped and seamlessly connected. By prioritising security, reliability, and user-centric solutions, we empower OpenAI employees to drive impactful AI research, corporate operations, and product innovation.

About the Role

As a Client Platform Engineer at OpenAI, you will play a pivotal role in securing, enhancing, and maintaining our endpoint management infrastructure across macOS, Windows, iOS, and Android devices. Your focus will be on building scalable, automated solutions that ensure seamless deployments, advanced security configurations, and efficient operational workflows. You will collaborate closely with IT, Security, and Engineering teams to implement modern endpoint management practices using automation, Infrastructure-as-Code (IaC), and monitoring strategies. This role offers an opportunity to work with cutting-edge tools and contribute to building a security-first, automation-driven endpoint ecosystem.

We’re looking for people who are passionate about automation, endpoint security, and building scalable solutions that improve employee experience. You should have a strong background in managing macOS and iOS devices at scale, developing automated solutions using scripting, and configuration management tools, and driving operational excellence through process optimisation and collaboration. Your problem-solving mindset and attention to detail will be key to success in this role.

In this role, you will:

• Design, build, implement, and maintain scalable and performant endpoint management infrastructure to facilitate best-in-class security of the OpenAI fleet comprised of macOS, Windows, iOS, and Android endpoints.

• Deliver critical endpoint management efficiencies and capabilities through bespoke software development and implementation of both industry-standard open source tooling and first-party software solutions.

• Employ modern Infrastructure-as-Code (IaC) methodologies, develop GitOps-driven solutions to deliver consensus-based fleet management capabilities at scale.

• Build and maintain CI/CD pipelines for fleet management infrastructure, deploying to progressively tested environments across multiple clouds (Azure, AWS, GCP).

• Drive initiatives to adopt emerging CPE technologies, industry best practices, and optimise processes for scalability and operational efficiency.

• Partner with cross-functional teams to ensure seamless endpoint user experiences while maintaining strict security standards and continually increasing the bar.

You may be a fit for this role if you have:

• Proficiency in a modern programming language (Python, Golang, Ruby, etc.)

• Extensive hands-on experience with Jamf PRO and Microsoft Intune to ensure comprehensive secure fleet management as well as experience with similar cloud identity providers.

• Demonstrated success and experience with open source endpoint management tooling for configuration management, mobile device management, application management, and telemetry such as Salt, Puppet, Munki, Nano/MicroMDM, osquery, Autopkg, WinGet, etc.

• History of developing and delivering secure, reliable, scalable, and technology solutions.

• Deep knowledge and experience managing corporate infrastructure at scale with Infrastructure-as-Code (IaC) practices & GitOps workflows (Terraform, Ansible, Chef, etc.)

• Experience integrating and operating fleet management infrastructure with CI/CD pipelines and DevOps workflows.

• Proven track record of deploying and operating fleet management infrastructure in public cloud

XML job scraping automation by YubHub