1Password
Cybersecurity
Senior Security Engineer, GRC Automation
“Senior Security Engineer, GRC Automation at 1Password. Skills: GRC Automation, AI-assisted workflows, Security Engineering. Design and implement automation, dashboards, and integrations. Build automation that scales security and privacy commitments”
What You'll Achieve.
- Build automation that scales our security and privacy commitments
- Own the delivery of those projects from scoping through go-live
- Make GRC repeatable, visible, and built into how the company works
- Ensure GRC platform is fully operationalized across key systems and workflows
- Embed compliance into operational processes
- Own the roadmap for automated, resilient internal assurance infrastructure
- Set priorities, managing delivery across concurrent workstreams, communicating progress to GRC leadership, and making build vs. buy decisions that scale with the business
Industry & Context.
Solve hard problems; AI tradeoff reasoning; Systems thinking
Work from home country, Background check
What They're Looking For.
Must Have
- 5+ years of experience in security engineering, DevSecOps, solutions engineering, or GRC automation roles
- Proven experience working with GRC, compliance, or audit teams to build automation that supports evidence collection, control testing, or security monitoring
- Direct experience implementing and integrating GRC platforms (e.g., Drata, Vanta, Tines, JupiterOne) into production environments
- Scripting and integration skills using Python, JavaScript, APIs, webhooks, or workflow automation tools
- Ability to work cross-functionally with security, compliance, legal, and infrastructure teams to translate policies into scalable technical systems
- Familiarity with compliance frameworks such as SOC 2, ISO 27001, or NIST 800-53, and how they map to real-world infrastructure and operations
- Project management and delivery ownership — experience managing multi-workstream compliance or security projects end-to-end: scoping, milestones, stakeholder communication, and on-time delivery
- Experience building AI-assisted workflows — you've worked with LLMs, agentic tools, or automation pipelines (beyond click-through tools) to solve a GRC or compliance problem and can walk through what you built, why, and how you validated the output
- Confident in auditor-facing settings — you have a commanding presence in technical walkthroughs and can represent your automation work clearly to external auditors, senior stakeholders, and executive audiences
Nice to Have
- Hands-on experience with event-driven automation platforms like Tines and their use in control validation and alerting
- Expertise in building evidence pipelines, tagging telemetry, or creating GRC dashboards in tools like Looker or Metabase
- Understanding of cloud-native security architecture and its relationship to compliance controls (e.g., AWS IAM, encryption, logging)
- Experience working in customer trust, privacy engineering, or supporting sales/GTM teams with compliance assurance content
- Familiarity with EU AI Act, NIST AI RMF, or emerging AI governance frameworks
- CISA, CISSP, or equivalent certification, or actively working toward one
What You'll Do.
Design and implement automation
Build automation that scales security and privacy commitments
Operationalize and expand GRC platform (Drata)
Build AI-assisted workflows that automate evidence collection
Own delivery of projects from scoping through go-live
and built into company operations
Lead implementation and integration of GRC platform
Build automated workflows for control testing
Design and deploy AI-assisted compliance workflows
Develop and maintain integrations between GRC platform and systems of record
Manage project delivery across multiple GRC automation initiatives
Design dashboards and reporting to track control health and audit performance
Own roadmap for automated, resilient internal assurance infrastructure and make build vs. buy decisions
How You'll Work.
Team & Collaboration
Partner directly with the Senior Manager of GRC; Work cross-functionally with security, compliance, legal, and infrastructure teams; Collaborate with teams across Security, GRC, and Engineering
Communication Scope
Technical narrative; Represent automation work clearly; Stakeholder communication; Communicating progress to GRC leadership
Process & Methodology
Project management and delivery ownership, Manage multi-workstream compliance or security projects end-to-end, Scoping, Milestones, Stakeholder communication, On-time delivery, Manage project delivery across multiple GRC automation initiatives simultaneously, Maintaining clear scope, milestones, and stakeholder visibility
How to Apply on Ashby
- Ashby is a fast modern ATS — most applications take under 3 minutes.
- The resume parser is strong; verify parsed experience dates and job titles.
- Custom screening questions are often scored algorithmically — answer completely.
- Location field affects geo-based screening; use your actual metro area.