We are seeking a GRC Automation Lead to join our GRC organisation and build the technical foundation for how we scale our risk and compliance programs. In this role, you will lead the team that designs and implements automated workflows, data pipelines, and integrations that transform manual compliance processes into scalable engineering systems.

This is a greenfield opportunity to establish the team, architecture, and integrations that will define how we approach governance, risk, and compliance at Anthropic. The core challenge is a data problem: compliance information lives across dozens of systems—cloud infrastructure, identity providers, HR platforms, ticketing tools, code repositories—and your job is to design systems that bring it together, normalise it, and make it actionable.

At Anthropic, you'll also have a unique advantage: the ability to design AI-powered workflows where Claude acts as an extension of your team, handling tasks that would traditionally require additional headcount or manual effort. You'll need ingenuity to identify where agentic AI can accelerate evidence collection, interpret unstructured data, triage compliance gaps, and augment human judgment in risk assessments.

Working closely with Security, IT, and Engineering teams, you'll translate compliance and regulatory requirements into solutions that support audit programs including SOC 2, ISO, HIPAA, and FedRAMP, building systems that combine traditional automation with AI capabilities to achieve scale that wouldn't otherwise be possible.

Responsibilities:

• Lead the team that establishes foundational GRC processes and architecture. Design and build automated workflows for risk management and compliance, creating scalable systems that enable continuous monitoring as Anthropic grows.

• Build data pipelines that aggregate risk, control, and asset information from across our technology stack. This means solving hard data integration problems: mapping disparate schemas, handling inconsistent data quality, and creating unified views of compliance posture through dashboards and reporting tools.

• Inform GRC platform strategy and implementation: in partnership with other programs, evaluate, select, and deploy tooling that meets our compliance requirements.

• Translate written policies and compliance requirements into policy-as-code—working with Engineering and Security teams to express requirements as enforceable rules, automated checks, and continuous validation rather than static documents.

• Establish feedback loops between policy and implementation: surface where technical controls diverge from written requirements, identify where policies need to evolve based on infrastructure realities, and ensure that compliance requirements are expressed in terms engineers can act on.

• Design and deploy agentic AI workflows that extend team capacity, using Claude to automate evidence analysis, monitor control effectiveness, draft audit responses, interpret policy documents, and handle other tasks that require reasoning over unstructured information.

• Design and maintain integrations connecting GRC tooling with cloud infrastructure, identity management systems, HRIS platforms, ticketing systems, version control, and CI/CD pipelines—working with engineers to implement integrations that enable automated evidence collection and continuous compliance validation.

• Build and lead the GRC Automation function as we scale: hiring team members, establishing practices, and defining the technical roadmap for governance and compliance automation at Anthropic.

You may be a good fit if you:

• Have 3-4+ years of experience managing technical individual contributors or systems-focused teams, with a proven track record of building or scaling small teams (2-5 people) in security, compliance, automation, or operations functions.

• Are a systems thinker first. You understand how complex environments work: how data flows between systems, where integration points exist, what breaks when systems don't talk to each other. Your strength is designing the right architecture and environment for security monitoring, not necessarily implementing it yourself.

• Have 5+ years of experience designing automated workflows, data pipelines, or system integrations, whether through traditional development, low-code platforms, GRC tools, or process automation. We care about your ability to solve integration problems, not your programming language proficiency.

• Proficiency to write production level code in at least one programming language (e.g., Python, Rust, Go)

• Have a relentless focus on data integration: you understand how to pull data from multiple sources, normalise it, join it meaningfully, and surface insights. You're comfortable reasoning about messy, inconsistent data and designing systems that handle edge cases gracefully.

• Understand APIs and integration patterns conceptually: REST APIs, webhooks, authentication flows, polling vs. push architectures, and can evaluate systems based on how well they expose data and support automation, even if you're not writing the integration code yourself.

• Can work independently with minimal guidance, taking ownership of complex problems from design through implementation while managing ambiguity inherent in early-stage programs.

• Have strong analytical and problem-solving skills, with the ability to break down complex problems into manageable parts and develop creative solutions.

• Are able to communicate complex technical ideas to both technical and non-technical stakeholders, with a strong focus on collaboration and teamwork.

• Are passionate about staying up-to-date with industry trends and emerging technologies, with a willingness to learn and adapt to new tools and techniques.

XML job scraping automation by YubHub

Head of Operations, Corporate Security

Location

San Francisco

Employment Type

Full time

Department

Corporate Security

Compensation

• $295K – $327K • Offers Equity

The base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. If the role is non-exempt, overtime pay will be provided consistent with applicable laws. In addition to the salary range listed above, total compensation also includes generous equity, performance-related bonus(es) for eligible employees, and the following benefits.

• Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts

• Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)

• 401(k) retirement plan with employer match

• Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)

• Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees

• 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)

• Mental health and wellness support

• Employer-paid basic life and disability coverage

• Annual learning and development stipend to fuel your professional growth

• Daily meals in our offices, and meal delivery credits as eligible

• Relocation support for eligible employees

• Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided.

More details about our benefits are available to candidates during the hiring process.

This role is at-will and OpenAI reserves the right to modify base pay and other compensation components at any time based on individual performance, team or company results, or market conditions.

About the Team

The Corporate Security team is responsible for the security and protection of all OpenAI employees and executives. We are committed to creating and maintaining a secure environment that allows our team members to focus on their work without fear of harm or disruption.

About the Role

As Director of Operations, Corporate Security — San Francisco, you will lead physical security operations at OpenAI’s headquarters and across the Bay Area footprint. This is the senior operational security leader for SF and a critical partner to Corporate Security leadership.

You will own day-to-day security execution at HQ, including guard force oversight, Global Security Operations Center performance, access control standards, and incident response. You will design systems that scale, build strong cross-functional partnerships, and ensure OpenAI employees can work in a secure, welcoming environment.

This role reports directly to the VP of Corporate Security and requires strong judgment, executive presence, and the ability to operate effectively in ambiguity while maintaining a high bar for operational excellence.

In this role, you will:

• Own day to day physical security operations for OpenAI San Francisco and the Bay Area footprint, including guard force oversight, access control, and site hardening.

• Lead the SF Global Security Operations Center and incident response playbooks to ensure rapid, measured action during incidents.

• Manage vendor relationships, contracts, and budgets for uniformed services and security technology, and hold vendors to measurable SLAs.

• Build and maintain access control and visitor management policies that protect people while supporting a welcoming workplace.

• Coordinate protective intelligence and law enforcement engagement for SF leadership and critical events.

• Design and run emergency preparedness, crisis response, and continuity planning for SF sites.

• Mentor and develop security operations staff and lines of work to create reliable, repeatable systems.

• Serve as the primary SF security partner to Workplace, Real Estate, Executive Protection, Legal, and People teams.

• Represent SF CorpSec to senior leadership and the broader company, advising on risk and operational trade offs with clarity and empathy.

You may be a fit for this role if you have:

• 15+ years of progressive security leadership experience across corporate, public sector, military, or similarly complex environments, including oversight of large, multi-site operations. Law enforcement experience is a plus.

• Proven experience leading physical security programs at a large HQ or multi office campus, including guard force and access control.

• Track record of building scalable systems and playbooks from ambiguous starting points.

• Experience leveraging technology to drive automation and scale, with experience designing and implementing enterprise access control, CCTV, visitor management, and AI-enabled security platforms, while utilizing internal tools and data systems to improve operational efficiency and visibility.

• Strong vendor and contract management skills with experience driving measurable service delivery.

• Experience working with executive stakeholders and external partners, including law enforcement and local authorities.

• Excellent written and verbal communication, with the ability to translate operational trade offs for senior leaders.

• Comfort operating in ambiguity and making decisions under time pressure while prioritizing employee care and legal compliance.

• Familiarity with Google Workspace, emergency notification systems, and travel or risk intelligence platforms is helpful.

About OpenAI

OpenAI is an AI research and deployment company dedicated to ensuring that general-purpose artificial intelligence benefits all of humanity.

XML job scraping automation by YubHub