OpenAI

Product Manager, Codex Security Controls & Partner Interfaces

OpenAI$130K — $180K *
US-AnywhereRemote in United States
Enterprise Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 5-7 years of experience in product management, particularly in security or development platforms.
  • Proficient in identity management, authorization protocols, and sandboxing techniques.
  • Deep understanding of security principles, including audit systems and trust boundaries.
  • Experience in developing integrations across complex enterprise systems or ecosystems.
  • Strong communication skills with the ability to engage technical and non-technical stakeholders.

Responsibilities

  • Build and implement native security controls for Codex.
  • Develop common interfaces for partner integrations in security workflows.
  • Work with security vendors to create production integrations based on defined interfaces.
  • Define enterprise admin configurations for Codex security controls.
  • Establish evaluation criteria for Codex capabilities under adverse conditions.

Benefits

  • Collaborative work environment with cross-functional teams.
  • Opportunity to work on cutting-edge security technology in an evolving landscape.
  • Access to professional development and growth opportunities.
  • Ability to shape enterprise-level security protocols and strategies.
Full Job Description
About the Role

We are looking for a deeply technical Product Manager to help build Codex security controls and the partner ecosystem around them.

This role focuses on securing Codex itself: how identity, permissions, tools, MCP servers, repositories, secrets, networks, and high-impact actions are governed across Codex products.

You will also help define standard interfaces through which authorized customer and partner systems can provide security context, inspect activity, return policy decisions, receive telemetry, and initiate bounded responses.

You will work closely with Codex product and engineering, OpenAI Security and Safety, enterprise customers, and partners across application security, identity, cloud security, data security, infrastructure, and security operations.

In this Role you Will

Build native security controls for Codex

Partner with engineering, design, security, and safety teams to develop controls for:
  • Identity, roles, permissions, and tenant isolation.
  • Access to repositories, files, tools, MCP servers, secrets, networks, and infrastructure.
  • Read, write, execute, and deployment authority.
  • Human and policy-based approvals.
  • Prompt-injection and untrusted-content defenses.
  • Audit trails, provenance, stop conditions, revocation, and rollback.

Help establish a graduated authority model in which local, read-only, and reversible actions require less friction than actions involving production systems, credentials, sensitive data, or irreversible changes.

Define partner interfaces

Develop common, versioned interfaces that allow customer-selected security products to participate in Codex workflows.

These interfaces may support:
  • Sharing trusted identity, task, resource, and environment context.
  • Inspecting code, commands, artifacts, tool calls, or planned actions.
  • Returning allow, deny, constrain, or require-approval decisions.
  • Exporting normalized execution and security telemetry.
  • Pausing activity, revoking access, or requiring reauthorization.

Define clear requirements for authentication, authorization, customer consent, data minimization, latency, retries, failure behavior, auditability, and backwards compatibility.

Ensure integrations use shared platform contracts rather than creating a different Codex architecture for every partner.

Build the partner ecosystem

Work directly with security vendors and enterprise design partners to turn the interfaces into production integrations.

Create partner SDKs, reference implementations, technical documentation, test environments, conformance suites, and certification requirements.

Prioritize partners based on customer value, technical relevance, deployment readiness, and their ability to improve the shared platform-not simply logo value or launch timing.

Turn lessons from individual partner engagements into reusable product capabilities.

Shape the customer experience

Define how enterprise administrators configure and understand Codex security controls, including:
  • Policies by user, workspace, repository, environment, tool, or action.
  • Approved security providers and permitted data sharing.
  • Approval requirements and time-limited exceptions.
  • Policy inheritance and conflict resolution.
  • Audit, investigation, and incident-response workflows.

Ensure developers receive clear, actionable explanations when an action is blocked or requires approval, rather than an opaque policy error.

Establish evaluation and launch gates

Work with security, safety, research, and engineering teams to test whether controls work under realistic and adversarial conditions.

Evaluate risks such as permission bypass, prompt injection, malicious tools, secret exposure, cross-tenant access, stale authorization, partner outages, conflicting decisions, and incomplete audit evidence.

Help determine when new Codex capabilities have sufficient controls, reliability, and usability for broader deployment.

You Might Thrive in This Role If You
  • Have built enterprise security, developer-platform, infrastructure, or control-plane products.
  • Understand identity, authorization, sandboxing, secrets, tool use, APIs, and audit systems.
  • Think naturally in terms of trust boundaries, failure modes, and abuse paths.
  • Can balance security, developer productivity, latency, reliability, and customer control.
  • Have experience building integrations across complex enterprise systems or partner ecosystems.
  • Can turn conflicting partner requirements into a coherent platform.
  • Communicate credibly with developers, security architects, CISOs, researchers, and partner product teams.
  • Prefer measurable security outcomes and real adoption over demonstrations or integration announcements.
Nice to Have
  • Experience in application security, identity, cloud security, data security, source control, CI/CD, SIEM, or enterprise governance.
  • Familiarity with RBAC, ABAC, policy-as-code, OAuth, OIDC, workload identity, or secrets management.
  • Experience with AI agents, MCP, sandboxed execution, prompt-injection defenses, or agent-security evaluations.
  • Experience building SDKs, developer platforms, integration marketplaces, or certification programs.
What Success Looks Like

During your first six months, you will have helped establish:
  • A clear roadmap for native Codex controls and partner-extensible controls.
  • A common architecture for security context, policy decisions, inspection, telemetry, and response.
  • Initial reference integrations with a focused group of partners.
  • Evaluation and launch criteria for high-risk Codex capabilities.
  • Baseline measures for control coverage, bypass resistance, latency, reliability, and developer experience.

During your first year, you will have helped ship meaningful controls across sensitive Codex workflows, brought standardized partner interfaces into production use, and demonstrated that enterprises can grant Codex greater authority without sacrificing visibility, control, or accountability.

About OpenAI

OpenAI is an artificial intelligence research laboratory consisting of the for-profit corporation OpenAI LP and its parent company, the non-profit OpenAI Inc. The company was founded in 2015 by a group of technology leaders, including Elon Musk, Sam Altman, Greg Brockman, Ilya Sutskever, and John Schulman. OpenAI's mission is to develop and promote friendly AI for the betterment of humanity. The company has developed a number of cutting-edge AI technologies, including GPT-3, a language processing system that can generate human-like text. OpenAI has received funding from a number of high-profile investors, including LinkedIn co-founder Reid Hoffman and venture capitalist Peter Thiel.
Learn more about OpenAI
Size
100 employees
Industry
Founded
2015

Similar Jobs

More Jobs at OpenAI

More Enterprise Technology Jobs

Find similar Product Manager, Codex Security Controls & Partner Interfaces jobs: