Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
OpenAI

Product Policy, Cyber Policy Manager

OpenAI

. Provide cyber policy advice to technical and product teams based on a deep understanding of model capabilities, product architecture, abuse pathways, defensive security use cases, and the practical needs of cybersecurity teams.

Posted 5/4/2026full-timeSan Francisco • California • 🇺🇸 United StatesMid-LevelSenior💰 $261,000 - $290,000 per yearWebsite

Tech Stack

Tools & technologies
CloudCyber Security

About the role

Key responsibilities & impact
  • Provide cyber policy advice to technical and product teams based on a deep understanding of model capabilities, product architecture, abuse pathways, defensive security use cases, and the practical needs of cybersecurity teams.
  • Evaluate cyber-relevant product launches and model capabilities, including how they may support legitimate security work and how they could be misused by malicious or irresponsible actors.
  • Translate cyber threat risk into clear product requirements, launch guidance, enforcement standards, user-facing policy, and internal implementation guidance.
  • Develop operationalizable standards, enforcement protocols, and escalation paths for cyber abuse scenarios, including vulnerability exploitation, credential abuse, social engineering, malware enablement, phishing, data exfiltration, and misuse of security automation.
  • Partner with safety, security, product, engineering, research, legal, operations, communications, and global affairs teams to make principled, timely decisions about cyber risk in high-ambiguity situations.
  • Help build scalable policy frameworks for dual-use cyber capabilities, including where to draw boundaries between beneficial security research, defensive operations, and harmful cyber activity.

Requirements

What you’ll need
  • Have 5+ years of experience, or equivalent depth, in one or more of the following areas: cybersecurity, security engineering, threat intelligence, incident response, abuse investigations, detection engineering, product policy, cyber policy, trust and safety, or a closely related field.
  • Bring strong technical fluency in one or more cyber domains, such as vulnerability management, malware analysis, threat intelligence, incident response, phishing and credential abuse, detection engineering, secure software development, cloud security, identity and access management, or security automation.
  • Understand the modern cyber threat environment, including how sophisticated and opportunistic actors operate, how defenders detect and respond, and where AI can create both meaningful defensive value and misuse risk.
  • Can evaluate dual-use cyber capabilities with nuance, distinguishing between legitimate security research, authorized defensive activity, risky automation, and malicious or abusive behavior.
  • Communicate clearly with product managers, engineers, researchers, executives, security practitioners, and policy stakeholders, and enjoy turning ambiguous technical risk into practical decisions, requirements, and guidance.
  • Are comfortable building new policy frameworks, processes, and decision criteria in ambiguous or fast-moving areas.
  • Use data, threat intelligence, user feedback, and operational signals to improve policy quality, measure effectiveness, and identify emerging risks.
  • Care deeply about enabling beneficial cybersecurity work while preventing abuse.

Benefits

Comp & perks
  • Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts
  • Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)
  • 401(k) retirement plan with employer match
  • Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)
  • Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees
  • 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)
  • Mental health and wellness support
  • Employer-paid basic life and disability coverage
  • Annual learning and development stipend to fuel your professional growth
  • Daily meals in our offices, and meal delivery credits as eligible
  • Relocation support for eligible employees
  • Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided.

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
cybersecuritysecurity engineeringthreat intelligenceincident responseabuse investigationsdetection engineeringsecure software developmentcloud securityidentity and access managementsecurity automation
Soft Skills
communicationdecision makingpolicy developmentproblem solvingcollaborationanalytical thinkingadaptabilitytechnical fluencyrisk assessmentstakeholder engagement