About the RoleWe are looking for an experienced Regulatory & Product Assurance IC to help scale OpenAI's GRC function across product launches, regulatory readiness, and customer trust. You will partner closely with Product, Security, Legal, Privacy, Field Security, and GTM teams to make sure OpenAI can move quickly while maintaining our security and compliance claims and giving customers, auditors, and regulators accurate and actionable information about how OpenAI handles user data.
This role is
not about supporting SOC or ISO audits; it's a highly cross-functional and deeply operational role to ensure that our products launch with the right controls; our external narratives remain true and GTM and customers are enabled with the right information to assess OpenAI's security and compliance. You will help build the systems, content, escalation paths, and automation that allow OpenAI to support enterprise customers, strategic launches, and emerging regulatory expectations without turning GRC into a bottleneck. You should be comfortable working across high-visibility product launches, data handling policy creation, customer security reviews, public trust content, launch readiness, regulated products, release risk assessments, and product assurance evidence.
We're looking for people who bring:- Strong product assurance, product launch review, customer trust, security compliance, or enterprise trust experience in a technical environment.
- Ability to support GTM teams with accurate, approved, customer-facing security and compliance narratives.
- Judgment to distinguish what can be answered directly, what requires Product/Security/Legal review, and what should not be claimed externally.
- Experience building scalable operating models, metrics, content systems, and automation for repeated assurance workflows.
- Excellent written communication and comfort translating technical security concepts for customers, auditors, regulators, Sales, and Field Security.
In this role, you will:- Own and improve the customer trust operating model with other org members and partner teams, including intake, triage, escalations, SLAs, metrics, and quality review.
- Support strategic customer trust needs, including security questionnaires, customer calls, Trust Center updates, and high-priority deal support.
- Partner with Product, Security, Legal, Privacy, and GTM teams to prepare accurate, approved trust materials for launches and regulated product changes.
- Build reusable customer-facing narratives, FAQs, evidence paths, and whitepapers that reduce one-off work while keeping claims controlled.
- Ensure external security and compliance claims are supported by internal processes and controls.
- Ensure product launches support our external security and compliance narrative; scale launch reviews to ensure GRC is not a bottleneck.
- Develop data handling guidance as needed to provide product teams a paved path consistent with our external commitments.
- Use automation and AI-native workflows across internal and external tooling, Codex, and related systems to improve speed and consistency.
- Turn recurring customer discovery into reusable content, product feedback, evidence improvements, and control-gap signals.
You might thrive in this role if:- You have operated as a senior IC in GRC, product assurance, customer trust/assurance, security compliance, enterprise trust, product security assurance, or a closely related function.
- You have technical fluency across SaaS, cloud, security controls, product launches, and enterprise assurance workflows.
- You have experience in scaling product launch reviews.
- You have vertical specific experience in Healthcare, Financial Services and Advertising.
- You have supported GTM, Field Security, Sales Engineering, Customer Success, or strategic enterprise customers.
- You write clearly, precisely, and with excellent judgment about external claims and evidence.
- You can build systems, metrics, and escalation paths that scale a high-volume assurance function without sacrificing quality.
- You are excited to use Codex and other AI-native tools to reduce manual review, automate launch review processes, and keep approved content current.
