1Password

Cybersecurity

SecurityEngineer

United States; Canada FULL TIME Remote Friendly

Market Sentiment

HIGH DEMAND

Neural analysis suggests this role is
optimal for Mid candidates.

The Brief

“Security Engineer at 1Password. Skills: GRC Automation, Security Engineering, AI-assisted workflows. Design and implement automation. Build automation that scales”

What You'll Achieve.

Build automation that scales our security and privacy commitments; Operationalization and expansion of our GRC platform; Automate evidence collection; Automate control monitoring; Automate vendor risk; Make GRC repeatable, visible, and built into how the company works; Build things and be expected to understand what you built; Contribute to the roadmap for automated, resilient internal assurance infrastructure; Execute with quality; Grow toward owning larger workstreams

Industry & Context.

Cybersecurity

Problems you'll solve

Solve hard problems; Translate policies into scalable technical systems; AI tradeoff awareness; Systems thinking

Eligibility Requirements

Travel for in-person engagement, Background check

What They're Looking For.

Must Have

3+ years of experience in security engineering, DevSecOps, solutions engineering, GRC automation, or compliance roles, Experience working with GRC, compliance, or audit teams to support automation for evidence collection, control testing, or security monitoring, Hands-on experience working with GRC platforms (e. g. , Drata, Vanta, Tines, JupiterOne) — configuration, integration, or implementation experience is signal, Scripting and integration skills using Python, JavaScript, APIs, webhooks, or workflow automation tools, Ability to work cross-functionally with security, compliance, legal, and infrastructure teams to translate policies into scalable technical systems, Familiarity with compliance frameworks such as SOC 2, ISO 27001, or NIST 800-53, and how they map to real-world infrastructure and operations, Organizational and delivery skills — you can manage your workstreams with clear milestones, communicate progress proactively, and keep multiple tasks moving without losing quality, Curiosity and experience with AI-assisted workflows — you've experimented with LLMs, agentic tools, or automation pipelines in a GRC or compliance context and can describe what you tried, what worked, and what you'd do differently, Comfortable in auditor-facing settings — you can explain your work clearly to external auditors and senior stakeholders

Nice to Have

Hands-on experience with event-driven automation platforms like Tines and their use in control validation and alerting, Experience building evidence pipelines, tagging telemetry, or creating compliance dashboards, Familiarity with cloud-native security architecture and its relationship to compliance controls (e. g. , AWS IAM, encryption, logging), Experience in customer trust, privacy engineering, or supporting sales/GTM teams with compliance assurance content, Familiarity with EU AI Act, NIST AI RMF, or emerging AI governance frameworks, CISA, Security+, or equivalent certification, or actively working toward one

What You'll Do.

Design and implement automation

Build automation that scales

Contribute to operationalization

Build and execute AI-assisted workflows

Automate evidence collection

Automate control monitoring

Explain what you built

Contribute to implementation

Build automated workflows

Design AI-assisted compliance workflows

Manage project workstreams

Collaborate with teams

Contribute to roadmap

How You'll Work.

Team & Collaboration

Work closely with Senior Manager of GRC; Work closely with senior GRC engineers; Work cross-functionally with security, compliance, legal, and infrastructure teams; Collaborate with teams across Security, GRC, and Engineering

Communication Scope

Explain your work clearly to external auditors; Explain your work clearly to senior stakeholders; Communicate progress proactively

Process & Methodology

Manage workstreams with clear milestones, Communicate progress proactively, Keep multiple tasks moving, Manage project workstreams with clear scope and milestones, Communicating progress, Flagging blockers proactively

Full Job Description

1Password is growing. We’ve surpassed $400M in ARR and we’re continuing to accelerate, earning a spot on the Forbes Cloud 100 for four years in a row and teaming up with iconic partners like Oracle Red Bull Racing. About 1Password At 1Password, we’re building the foundation for a safe, productive digital future. Our mission is to unleash employee productivity without compromising security by ensuring every identity is authentic, every application sign-in is secure, and every device is trusted. We innovated the market-leading enterprise password manager and pioneered Unified Access Management, a new cybersecurity category built for the way people and AI agents work today. As one of the most loved brands in cybersecurity, we take a human-centric approach in everything from product strategy to user experience. Over 180,000 businesses, from Fortune 100 leaders to the world’s most innovative AI companies, trust 1Password to help their teams securely adopt the SaaS and AI tools they need to do their best work. If you're excited about the opportunity to contribute to the digital safety of millions, to work alongside a team of curious, driven individuals, and to solve hard problems in a fast-paced, dynamic environment, then we want to hear from you. Come join us and help shape a safer, simpler digital future. Trust is earned — and we're building the systems to earn it at scale. 1Password is looking for a Security Engineer – GRC Automation to help design and implement automation, dashboards, and integrations that power our Governance, Risk, and Compliance (GRC) operations. You'll work closely with the Senior Manager of GRC and senior GRC engineers to build automation that scales our security and privacy commitments — from audit readiness and policy enforcement to customer trust workflows. A key focus for this role will be contributing to the operationalization and expansion of our GRC platform (Drata), building and executing AI-assisted workflows that automate evidence colle

Free ATS check

Applying for this Security Engineer role?

Most applicants get filtered before a human reads their resume. See if yours makes the cut.

Should you apply? AI reads your resume vs this job — match score, gaps to address, ATS keywords.

SKILL SIGNAL 39 detected · ranked by frequency

AI-assisted workflows ×5

Automation ×3

Dashboards ×3

Integrations ×3

Evidence collection ×3

Control monitoring ×3

Workflow automation ×3

Scripting ×3

API integration ×3

Data tagging ×3

Telemetry tagging ×3

Compliance dashboards ×3

GRC Automation ×2

Security Engineering ×2

Python ×2

JavaScript ×2

APIs ×2

Webhooks ×2

Drata ×2

Vanta ×2

Tines ×2

JupiterOne ×2

Customer trust ×2

AWS IAM

Encryption

Logging

Governance

Risk

Compliance

Audit readiness

Policy enforcement

Vendor risk

Role Details

Experience 3–5 yrs

Level Mid

Work Mode Remote

Type FULL TIME

Category security

AI-Extracted Insights

Domain Areas

governanceriskcompliancesoc-2iso-27001nist-800-53cloud-native-security-architecturecustomer-trust

Certifications

CISASecurity+

How to Apply on Ashby

Ashby is a fast modern ATS — most applications take under 3 minutes.
The resume parser is strong; verify parsed experience dates and job titles.
Custom screening questions are often scored algorithmically — answer completely.
Location field affects geo-based screening; use your actual metro area.

ANONYMOUS · UNFILTERED

What do employees actually say about 1Password?

Real rants from real employees. Read before you apply.

Read Company Rants →