Description
As a Product Policy Manager specializing in Cyber, you will combine cyber and policy expertise to guide how OpenAI evaluates, launches, and governs capabilities relevant to cybersecurity. You will work closely with product, engineering, research, safety, security, legal, operations, and go-to-market teams to translate complex cyber risk into practical product policy, implementation standards, enforcement guidance, and launch decisions.
The role requires understanding both sides of the cyber equation: how defenders investigate, detect, triage, and respond to threats, and how malicious actors may attempt to misuse AI systems for vulnerability exploitation, social engineering, malware enablement, credential abuse, or other harmful activity. Strong candidates may bring depth in one or more cyber domains, such as attacker tradecraft, vulnerability discovery, malware analysis, phishing and credential abuse, identity and access risks, incident response, detection engineering, secure development, threat intelligence, abuse investigations, or security tooling , along with the ability to reason across adjacent areas.
As OpenAI continues to grow, this role will help align diverse teams and stakeholders while operating in a fast-moving, ambiguous environment.
This role is based in San Francisco, CA. We use a hybrid work model of 3 days in the office per week and offer relocation assistance to new employees.