IAM Engineer
OpenAI
Job Description
About the Team
OpenAI’s IT organization supports the mission of deploying artificial general intelligence (AGI) for the benefit of all. Our team is committed to providing seamless technological support and solutions to ensure that all OpenAI employees are well-equipped and connected. This enables them to contribute effectively towards our AI research, corporate operations and product initiatives.
About the Role
As an IAM Engineer at OpenAI, you will play a crucial role in ensuring that all team members have the appropriate access to our systems and data, primarily using AzureAD within our enterprise IT team. Your responsibilities will include managing and optimizing user access and identities, automating processes for efficiency, and maintaining compliance with industry standards. This role requires a proactive approach to understand and meet the diverse needs of our team, helping to develop scalable IAM solutions that enhance user access without compromising security. By maintaining precise and responsive access controls, you will directly support the productivity and collaboration across OpenAI.
In this role, you will:
Manage identity access and configurations using AzureAD, ensuring appropriate access control across all user accounts, including the implementation of birthright access for automatic provisioning based on role or department.
Develop and implement access management policies and procedures, focusing on automation and efficiency to streamline user access to resources and ensure that new hires receive immediate and appropriate access rights.
Customize and optimize the provisioning and de-provisioning processes to meet diverse user requirements, maintaining a balance between accessibility and security, and ensuring that access rights are appropriately adjusted or removed when roles change.
Collaborate closely with our enterprise security team to ensure that access controls align with the latest security standards and company policies, incorporating birthright access principles to enhance compliance and reduce manual intervention.
Lead initiatives to improve identity and access management practices through the adoption of advanced technologies and methodologies, including automated workflows for role-based access control.
Implement automated processes for user lifecycle management, enhancing the efficiency and effectiveness of our onboarding and offboarding procedures, and ensuring that access rights are granted and revoked in accordance with organizational changes and policy updates, with a specific focus on scaling Azure/Entra lifecycle workflows using Terraform.
You may be a fit for this role if you have:
Deep technical expertise in Azure Active Directory and identity management systems, with substantial experience in managing automated provisioning and de-provisioning based on predefined access rights and implementing Azure/Entra lifecycle workflows at scale.
Advanced skills in scripting and automation, particularly in Python and PowerShell, with proven ability to develop solutions that improve operational efficiency and user access management, including the automation of birthright access.
Extensive experience with identity governance and administration platforms, particularly focusing on AzureAD, to ensure robust management of user identities and access privileges, including automatic role-based access provisioning.
Expertise in deploying and managing access control mechanisms, with a strong understanding of compliance frameworks and security protocols in enterprise environments, and how they integrate with birthright access strategies.
Demonstrated capability in adopting and applying best practices in identity and access management, contributing to a secure and efficient IT infrastructure.
Experience in implementing streamlined and automated access solutions for a diverse workforce, enhancing user experience without compromising security, with proficiency in using Terraform for infrastructure as code.
Proficiency in designing and enforcing access policies and procedures that meet the stringent requirements of a fast-paced, security-conscious organization, with a focus on automating access based on user roles and responsibilities.
This is a hybrid role and will require 3 days a week in our San Francisco office.
About OpenAI
OpenAI is an AI research and deployment company dedicated to ensuring that general-purpose artificial intelligence benefits all of humanity. We push the boundaries of the capabilities of AI systems and seek to safely deploy them to the world through our products. AI is an extremely powerful tool that must be created with safety and human needs at its core, and to achieve our mission, we must encompass and value the many different perspectives, voices, and experiences that form the full spectrum of humanity.
We are an equal opportunity employer and do not discriminate on the basis of race, religion, national origin, gender, sexual orientation, age, veteran status, disability or any other legally protected status.
For US Based Candidates: Pursuant to the San Francisco Fair Chance Ordinance, we will consider qualified applicants with arrest and conviction records.
We are committed to providing reasonable accommodations to applicants with disabilities, and requests can be made via this link.
OpenAI Global Applicant Privacy Policy
At OpenAI, we believe artificial intelligence has the potential to help people solve immense global challenges, and we want the upside of AI to be widely shared. Join us in shaping the future of technology.