openai

Product Manager, Codex Security Controls & Partner Interfaces

Remote - US

Locked: USAAny timezoneNo requirementSalary listedConfirmed last night

Cove Score breakdown

What last night's scan found for this job. The Cove Score formula isn't final yet, so this is the facts, not a number.

Geo-lockLocked: USA
TimezoneAny timezone, no overlap clause found
LanguageNo requirement found
Salary transparencyListed by the company
FreshnessConfirmed in last night’s scan

Salary

$293,000–385,000/yr

Listed by the company, not a Covesight estimate.

About the role

ABOUT THE TEAM

OpenAI’s Cyber team works to make frontier AI safe, trusted, and transformative for developers and enterprises.

This team is building the security foundation for Codex: the native controls that govern what Codex can access and do, and the interfaces that allow customers and security partners to inspect, constrain, approve, and respond to Codex activity.

Our goal is to make Codex secure by default, governable by enterprises, and interoperable with the security products customers already trust. This extends the existing product direction around tenant-scoped tools, guarded actions, approval systems, and scalable partner interfaces.

ABOUT THE ROLE

We are looking for a deeply technical Product Manager to help build Codex security controls and the partner ecosystem around them.

This role focuses on securing Codex itself: how identity, permissions, tools, MCP servers, repositories, secrets, networks, and high-impact actions are governed across Codex products.

You will also help define standard interfaces through which authorized customer and partner systems can provide security context, inspect activity, return policy decisions, receive telemetry, and initiate bounded responses.

You will work closely with Codex product and engineering, OpenAI Security and Safety, enterprise customers, and partners across application security, identity, cloud security, data security, infrastructure, and security operations.

IN THIS ROLE YOU WILL

Build native security controls for Codex

Partner with engineering, design, security, and safety teams to develop controls for:

Help establish a graduated authority model in which local, read-only, and reversible actions require less friction than actions involving production systems, credentials, sensitive data, or irreversible changes.

Define partner interfaces

Develop common, versioned interfaces that allow customer-selected security products to participate in Codex workflows.

These interfaces may support:

Define clear requirements for authentication, authorization, customer consent, data minimization, latency, retries, failure behavior, auditability, and backwards compatibility.

Ensure integrations use shared platform contracts rather than creating a different Codex architecture for every partner.

Build the partner ecosystem

Work directly with security vendors and enterprise design partners to turn the interfaces into production integrations.

Create partner SDKs, reference implementations, technical documentation, test environments, conformance suites, and certification requirements.

Prioritize partners based on customer value, technical relevance, deployment readiness, and their ability to improve the shared platform—not simply logo value or launch timing.

Turn lessons from individual partner engagements into reusable product capabilities.

Shape the customer experience

Define how enterprise administrators configure and understand Codex security controls, including:

Ensure developers receive clear, actionable explanations when an action is blocked or requires approval, rather than an opaque policy error.

Establish evaluation and launch gates

Work with security, safety, research, and engineering teams to test whether controls work under realistic and adversarial conditions.

Evaluate risks such as permission bypass, prompt injection, malicious tools, secret exposure, cross-tenant access, stale authorization, partner outages, conflicting decisions, and incomplete audit evidence.

Help determine when new Codex capabilities have sufficient controls, reliability, and usability for broader deployment.

YOU MIGHT THRIVE IN THIS ROLE IF YOU

NICE TO HAVE

WHAT SUCCESS LOOKS LIKE

During your first six months, you will have helped establish:

During your first year, you will have helped ship meaningful controls across sensitive Codex workflows, brought standardized partner interfaces into production use, and demonstrated that enterprises can grant Codex greater authority without sacrificing visibility, control, or accountability.

About OpenAI

OpenAI is an AI research and deployment company dedicated to ensuring that general-purpose artificial intelligence benefits all of humanity. We push the boundaries of the capabilities of AI systems and seek to safely deploy them to the world through our products. AI is an extremely powerful tool that must be created with safety and human needs at its core, and to achieve our mission, we must encompass and value the many different perspectives, voices, and experiences that form the full spectrum of humanity.

We are an equal opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, sex, sexual orientation, age, veteran status, disability, genetic information, or other applicable legally protected characteristic.

For additional information, please see OpenAI’s Affirmative Action and Equal Employment Opportunity Policy Statement https://cdn.openai.com/policies/eeo-policy-statement.pdf.

Background checks for applicants will be administered in accordance with applicable law, and qualified applicants with arrest or conviction records will be considered for employment consistent with those laws, including the San Francisco Fair Chance Ordinance, the Los Angeles County Fair Chance Ordinance for Employers, and the California Fair Chance Act, for US-based candidates. For unincorporated Los Angeles County workers: we reasonably believe that criminal history may have a direct, adverse and negative relationship with the following job duties, potentially resulting in the withdrawal of a conditional offer of employment: protect computer hardware entrusted to you from theft, loss or damage; return all computer hardware in your possession (including the data contained therein) upon termination of employment or end of assignment; and maintain the confidentiality of proprietary, confidential, and non-public information. In addition, job duties require access to secure and protected information technology systems and related data security obligations.

To notify OpenAI that you believe this job posting is non-compliant, please submit a report through this form https://form.asana.com/?d=57018692298241&k=5MqR40fZd7jlxVUh5J-UeA. No response will be provided to inquiries unrelated to job posting compliance.

We are committed to providing reasonable accommodations to applicants with disabilities, and requests can be made via this link https://form.asana.com/?k=bQ7w9h3iexRlicUdWRiwvg&d=57018692298241.

OpenAI Global Applicant Privacy Policy https://cdn.openai.com/policies/global-employee-and-contractor-privacy-policy.pdf

At OpenAI, we believe artificial intelligence has the potential to help people solve immense global challenges, and we want the upside of AI to be widely shared. Join us in shaping the future of technology.

Covesight rechecks every listing nightly. Last confirmed live: 2026-07-16.

Apply on the original listing →

Similar jobs

Free

One free daily alert, straight to your inbox

Full access to the eligibility-verified board, every listing, every day, no paywall on the facts. One free daily alert lands in your inbox each morning.

Get your free daily alert →

Want it ranked and personalized every morning? See Covesight Plus →