Build Your Career in Cybersecurity -
YOUR WAY

Overview:

In a defense industry setting, the Principal Security Engineer is a senior-level expert responsible for safeguarding sensitive systems and data against cyber threats. They design, implement, and maintain advanced security architectures while ensuring compliance with strict government security standards. This role requires deep technical cybersecurity expertise, strategic thinking, and leadership skills to guide teams and influence the program security posture. This senior position in the program, requires U.S. citizenship and an active security clearance due to the sensitive nature.

• Security Architecture & Strategy: Design and implement comprehensive cybersecurity strategies and architectures for defense systems, ensuring robust protection of networks and data. Identify and document system security requirements and develop solutions to meet or exceed those requirements.
• Risk Assessment & Mitigation: Conduct regular security risk assessments and threat analyses to identify vulnerabilities in systems. Develop and deploy mitigation strategies and countermeasures to address identified risks and continuously evaluate emerging threats to keep defenses up to date.
• Security Operations & Monitoring: Oversee the configuration, maintenance, and continuous monitoring of security infrastructure (e.g. firewalls, intrusion detection systems, SIEM tools) to detect and respond to security incidents in real time. Lead incident response planning and coordinate effective response to any security breaches or violations.
• Compliance & Documentation: Ensure all systems and projects comply with defense industry security standards and regulations (such as NIST SP 800-53, NIST 800-160, Risk Management Framework, and DoD STIGs). Maintain required security documentation and accreditation materials (e.g. System Security Plans, risk assessment reports) to support authority to operate and other compliance requirements.
• Cross-Functional Collaboration: Work closely with cross-functional teams (systems engineering, software development, IT, and project management) to integrate security requirements into all phases of system development and operations. Provide expert guidance on security best practices during design, implementation, and deployment of defense systems.
• Leadership & Mentorship: Lead security initiatives and projects, ensuring they are delivered on schedule and within scope. Mentor and guide junior security engineers and team members, fostering a culture of security awareness and continuous improvement. Communicate security issues and strategies to senior leadership and stakeholders in clear, actionable terms.

Required Qualifications:

• Education: Bachelor’s degree in computer science, Cybersecurity, Systems Engineering, or a related field. Strong foundational knowledge of information security principles and practices is assumed.
• Experience: Extensive experience in security engineering or related field – typically 8-10+ years in progressively senior roles. Proven track record of securing complex systems, preferably in defense or highly regulated environments.
• Technical Expertise: In-depth knowledge of cybersecurity domains including network and system security, secure software development, encryption protocols, and vulnerability management. Hands-on experience designing and evaluating security architectures for complex systems and implementing enterprise security.
• Standards & Frameworks: Familiarity with U.S. defense and federal security standards and frameworks, such as NIST Special Publications (800-53, 800-160) and the Risk Management Framework (RMF) process. Experience developing or assessing Security Authorization artifacts in accordance with government requirements (e.g. NIST SP 800-37 RMF accreditation packages) is highly valued.
• Security Clearance: U.S. citizenship is required. Active Secret security clearance (or eligibility to obtain one) is required due to the sensitive nature of defense projects.

​

Preferred Qualifications:

• Certifications: Relevant security certifications are preferred, for example CISSP or CISM for general cybersecurity management. DoD 8140 IAM/IAT or IASAE Level II/III certifications (e.g. CISSP-ISSEP, ISSAP) are a strong plus, as they demonstrate knowledge required for securing defense systems.
• Soft Skills: Excellent leadership and project management skills, with the ability to lead cross-functional security projects from concept to completion. Strong communication skills are essential – able to explain complex security concepts to non-technical stakeholders and to train staff on security best practices. A proactive mindset, attention to detail, and the highest ethical standards are expected for this role.

Red River offers a competitive salary, excellent benefits and an exceptional work environment. You can review our benefit offerings here. If you are ready to join a growing company, please submit your resume and cover letter (optional).

​

EOE M/F/DISABLED/Vet

​

Red River is an equal opportunity employer. All qualified applicants will receive consideration for employment. Discrimination or harassment based upon any protected characteristics as defined by state or federal law is wholly inconsistent with our company values and will not be tolerated.

​

In order to ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Veterans Readjustment Act of 1974, and Title I of the American’s with Disabilities Act of 1990, applicants that require accommodation in the job application process may contact accommodation@redriver.com. PLEASE NOTE: This contact channel is reserved for use by individuals with disabilities who require special accommodations in order to submit an expression of interest in a position within Red River.

​

Red River does not accept unsolicited resumes from individual recruiters or third-party recruiting agencies in response to job postings or otherwise. Placement fees will not be paid to any recruiter unless Red River has an active agreement in place with the recruiter and such a request has been made by the Red River Talent Acquisition team and such candidate was submitted to the Red River Talent Acquisition Team via our Applicant Tracking System. Any unsolicited resumes or other data submitted to Red River in violation of this policy may be used by Red River without obligation to pay any fees of any kind to the recruiter.

About the Team

Security is at the foundation of OpenAI’s mission to ensure that artificial general intelligence benefits all of humanity.

The Security team protects OpenAI’s technology, people, and products. We are technical in what we build but are operational in how we do our work, and are committed to supporting all products and research at OpenAI. Our Security team tenets include: prioritizing for impact, enabling researchers, preparing for future transformative technologies, and engaging a robust security culture.

​

About the Role

We're seeking an exceptional Security Engineer on the Offensive Security team to challenge and strengthen OpenAI's security posture. This role isn't your typical red team job - it's an opportunity to engage broadly and deeply, craft innovative attack simulations, collaborate closely with defensive teams, and influence strategic security improvements across the organization.

You'll have the chance to not only find vulnerabilities but actively drive their resolution, automate offensive techniques with cutting-edge technologies, and use your unique attacker perspective to shape our security strategy.

This role is open to remote employees, or relocation assistance is available to one of our OpenAI offices in San Francisco, Seattle, or New York City.

• Conduct open-scope red and purple team operations, simulating realistic attack scenarios.
• Collaborate proactively with defensive security teams to enhance detection, response, and mitigation capabilities.
• Perform comprehensive penetration testing on our diverse suite of products.
• Leverage advanced automation and OpenAI technologies to optimize your offensive security work.
• Present insightful, actionable findings clearly and compellingly to inspire impactful change.
• Influence security strategy by providing attacker-driven insights into risk and threat modeling.

Required Qualifications:

• 7+ years of hands-on red team experience or exceptional accomplishments demonstrating equivalent expertise.
• Deep expertise conducting offensive security operations within modern technology companies.
• Proven experience performing offensive security assessments in at least one hyperscaler cloud environment (Azure preferred).
• Demonstrated mastery assessing complex technology stacks, including:
• Highly customized Kubernetes clusters
• Container environments
• CI/CD pipelines
• GitHub security
• macOS and Linux operating systems
• Data science tooling and environments
• Python-based web services
• React-based frontend applications
• Exceptional skill in code review, identifying novel and subtle vulnerabilities.
• Strong intuitive understanding of trust boundaries and risk assessment in dynamic contexts.
• Excellent coding skills, capable of writing robust tools and automation for offensive operations.
• Ability to communicate complex technical concepts effectively through compelling storytelling.
• Proven track record of not just finding vulnerabilities but actively contributing to solutions in complex codebases.

​

Preferred Qualifications:

• Active U.S. Government Security Clearance, or eligibility and willingness to obtain one.
• Experience testing AI-driven systems.
• Background or expertise in AI or data science.
• Prior experience working in tech startups or fast-paced technology environments.
• Experience in related disciplines such as Software Engineering (SWE), Detection Engineering, Site Reliability Engineering (SRE), Security Engineering, or IT Infrastructure.

About OpenAI

OpenAI is an AI research and deployment company dedicated to ensuring that general-purpose artificial intelligence benefits all of humanity. We push the boundaries of the capabilities of AI systems and seek to safely deploy them to the world through our products. AI is an extremely powerful tool that must be created with safety and human needs at its core, and to achieve our mission, we must encompass and value the many different perspectives, voices, and experiences that form the full spectrum of humanity.

We are an equal opportunity employer and do not discriminate on the basis of race, religion, national origin, gender, sexual orientation, age, veteran status, disability or any other legally protected status.

OpenAI Affirmative Action and Equal Employment Opportunity Policy Statement

For US Based Candidates: Pursuant to the San Francisco Fair Chance Ordinance, we will consider qualified applicants with arrest and conviction records.

We are committed to providing reasonable accommodations to applicants with disabilities, and requests can be made via this link.

OpenAI Global Applicant Privacy Policy

At OpenAI, we believe artificial intelligence has the potential to help people solve immense global challenges, and we want the upside of AI to be widely shared. Join us in shaping the future of technology.

Job Description

​

We are seeking a skilled and dynamic IAM Engineer II to join our IAM team. This role is pivotal in implementing and maintaining our secure authentication and authorization services for MiTek. The ideal candidate will take a hands-on approach to providing operational support for our company's IAM solutions while collaborating closely with cross-functional teams to identify and resolve potential issues. They will also focus on optimizing the performance, stability, and availability of our IAM infrastructure.

​

Company Overview

​

MiTek is a platform innovator and enabler that exists to transform the building industry with better building solutions. In 1955, MiTek transformed residential construction with the invention of the Gang-Nail plate and a digital platform that provided an affordable and scalable way to manufacture wood trusses. Today, MiTek delivers software, services, engineered products, and automated solutions that enable the building industry to improve efficiencies by optimizing the balance between off-site and on-site. With nearly 5,600 team members worldwide, MiTek collaborates across the building industry to enable and accelerate transformational breakthroughs in design and construction to transform the way the industry designs, makes, and builds. As a Berkshire Hathaway (NYSE: BRK-A, NYSE: BRK-B) company since 2001, MiTek has a record of continuous growth and innovation.

• Cybersecurity Hygiene: Participate in efforts to ensure that relevant privileged access controls are adequately enforced across platforms and applications
• Integration: Provide support for CIAM integrations with authentication services enabled by Ping Identity solutions.
• Best Practices: Maintain advanced knowledge of industry standards and best practices surrounding IAM technologies and apply them to daily operations.
• Security Advocacy: Champion a "security by design" approach within IAM processes, promoting a secure culture across the organization.
• Collaboration: Work with cross-functional teams to identify potential IAM challenges and implement innovative solutions to optimize system performance and stability.
• Community Engagement: Actively participate in local IAM and cybersecurity working groups to stay updated on the latest trends and technologies.
• Operational Support:
• Provide hands-on operational support for IAM solutions, including Microsoft Active Directory, Microsoft Entra ID, and Ping Identity
• Participate in on-call rotation and DR exercises, and develop solutions and processes to eliminate or reduce off hours support calls

Required Qualifications:

​

• Bachelor’s degree in computer science, information technology, or related field required.
• Proven experience with common identity protocols including: SAML, OAuth, OIDC, FIDO, SCIM, LDAP
• 2+ years' experience in Microsoft Active Directory and Microsoft Entra ID.
• 2+ years' experience with Ping Identity solutions
• 2+ years' deploying and supporting Single Sign-on (SSO) in applications including tracing, logging, and real-time troubleshooting
• Understanding of IGA concepts including identity lifecycle management and JML workflows
• Proven ability to automate repetitive tasks; especially with programming/scripting languages like PowerShell or Python
• Experience with public cloud platforms, cloud security concepts and cloud platform IAM services.
• Advanced knowledge of IAM best practices, infrastructure optimization, and security principles.

​

Preferred Qualifications:

​

• Relevant certifications (e.g., Microsoft Certified: Identity and Access Administrator Associate, Microsoft Azure certifications).
• Experience with IAM tools, automation, or cloud-based identity solutions.

Soft Skills

​

Must be self-motivated, team oriented and possess strong communication and interpersonal skills. Candidate should possess strong organizational skills, be detail oriented, and self-motivated with a demonstrated ability to problem solve. Strong sense of urgency and strong commitment to quality customer service is required. Ability to analyze and interpret data (metrics) to improve the delivery and support of services to our customers. Familiarity with and/or ITIL concepts or certification preferred.

​

Additional Requirements

​

• 5% travel may be required.

​

Physical Demands

​

This role is performed in an office environment where a computer, telephone and other office equipment are used as needed to perform the duties of the role. This role may need to access areas within the building that are undergoing renovations which may contain jobsite hazards. Occasionally this role will required to push, pull, bend, lift and move up to 25 lbs.

​

MiTek Perks:

​

• Flexible Paid Time Off - take as much time off as you need!
• All Benefits begin on Day 1!
• Profit Sharing Plan and Annual Incentive Plan
• 13 Paid Holidays
• 401k Plan with Matching Contributions
• Paid Parental Leave and Paid Caregiver Leave
• A variety of Medical, Dental and Vision Plans to choose from
• Short-Term Disability Coverage, Long-Term Disability Coverage and Life Insurance
• Tuition Reimbursement
• Career advancement and training opportunities!

​

MiTek is an E-Verify and Drug and Tobacco-Free Workplace.

​

We are an equal opportunity employer; and all qualified applicants will receive consideration for employment without regard to race, color, creed, religion, national origin, ethnicity, physical or mental disability, sex (including pregnancy, sexual orientation, gender identity or expression, or transgender status), age (40 and over), genetic information (including family medical history), veteran status, or any other protected characteristic.

​

For accommodation to assist with completing this application, please contact Human Resources at +1 314-434-1200.

​

www.mii.com