HireHireOpenAI jobs › Product Manager, Codex Security Controls & Partner Interfaces

Product Manager, Codex Security Controls & Partner Interfaces

Apply for this role or explore on the map →

About the Team OpenAI’s Cyber team works to make frontier AI safe, trusted, and transformative for developers and enterprises. This team is building the security foundation for Codex: the native controls that govern what Codex can access and do, and the interfaces that allow customers and security partners to inspect, constrain, approve, and respond to Codex activity. Our goal is to make Codex secure by default, governable by enterprises, and interoperable with the security products customers already trust . This extends the existing product direction around tenant-scoped tools, guarded actions, approval systems, and scalable partner interfaces. About the Role We are looking for a deeply technical Product Manager to help build Codex security controls and the partner ecosystem around them. This role focuses on securing Codex itself : how identity, permissions, tools, MCP servers, repositories, secrets, networks, and high-impact actions are governed across Codex products. You will also help define standard interfaces through which authorized customer and partner systems can provide security context, inspect activity, return policy decisions, receive telemetry, and initiate bounded responses. You will work closely with Codex product and engineering, OpenAI Security and Safety, enterprise customers, and partners across application security, identity, cloud security, data security, infrastructure, and security operations. In this Role you Will Build native security controls for Codex Partner with engineering, design, security, and safety teams to develop controls for: Identity, roles, permissions, and tenant isolation. Access to repositories, files, tools, MCP servers, secrets, networks, and infrastructure. Read, write, execute, and deployment authority. Human and policy-based approvals. Prompt-injection and untrusted-content defenses. Audit trails, provenance, stop conditions, revocation, and rollback. Help establish a graduated authority model in which local, read-only, and reversible actions require less friction than actions involving production systems, credentials, sensitive data, or irreversible changes. Define partner interfaces Develop common, versioned interfaces that allow customer-selected security products to participate in Codex workflows. These interfaces may support: Sharing trusted identity, task, resource, and environment context. Inspecting code, commands, artifacts, tool calls, or planned actions. Returning allow, deny, constrain, or require-approval decisions. Exporting normalized execution and security telemetry. Pausing activity, revoking access, or requiring reauthorization. Define clear requirements for authentication, authorization, customer consent, data minimization, latency, retries, failure behavior, auditability, and backwards compatibility. Ensure integrations use shared platform contracts rather than creating a different Codex architecture for every partner. Build the partner ecosystem Work directly with security vendors and enterprise design partners to turn the interfaces into production integrations. Create partner SDKs, reference implementations, technical documentation, test environments, conformance suites, and certification requirements. Prioritize partners based on customer value, technical relevance, deployment readiness, and their ability to improve the shared platform—not simply logo value or launch timing. Turn lessons from individual partner engagements into reusable product capabilities. Shape the customer experience Define how enterprise administrators configure and understand Codex security controls, including: Policies by user, workspace, repository, environment, tool, or action. Approved security providers and permitted data sharing. Approval requirements and time-limited exceptions. Policy inheritance and conflict resolution. Audit, investigation, and incident-response workflows. Ensure developers receive clear, actionable explanations when an action is blocked or requires approva

More roles at OpenAI

See OpenAI & thousands more on the map

Every tech & IT company hiring across India — with AI match scores — on one live map.

Open the map →