1Password
Cybersecurity
Senior Security Engineer – GRC Controls and Audit
“Senior Security Engineer – GRC Controls and Audit at 1Password. Skills: GRC Controls, Audit Programs, Compliance Standards, AI-Assisted Workflows. Lead commercial audit programs. Manage evidence collection and control testing”
What You'll Achieve.
Make audit programs more efficient; Improve compliance posture to be continuous; Ensure every identity is authentic; Ensure every application sign-in is secure; Ensure every device is trusted; Drive continuous evidence library maturity; Shift GRC from reactive to proactive
Industry & Context.
Identify design and operating effectiveness gaps; Solve hard problems in a fast-paced environment
Must be willing to travel for in-person engagement; Background check required
What They're Looking For.
Must Have
5+ years of experience in GRC, compliance, or audit; Deep hands-on experience with SOC 2 Type II; Working knowledge of ISO 27001 and related standards (27017, 27018, 27701); Demonstrated experience leading technical audit walkthroughs; Ability to define what "good evidence" looks like for each control domain; Proven ability to design and execute control testing; Ability to work cross-functionally with Engineering, IT, Security, and People teams; Written and verbal communication skills; Experience with compliance automation platforms (Drata, Vanta, Secureframe, or equivalent); A builder's instinct
Nice to Have
CPA, CIA, CISA, or CISSP certification; Audit or compliance experience in a cloud-native SaaS product environment; Experience building or improving continuous control monitoring capabilities; Familiarity with EU AI Act, NIST AI RMF, or AI governance frameworks; Experience with vendor risk assessments
What You'll Do.
Lead commercial audit programs
Manage evidence collection and control testing
Conduct technical walkthroughs with auditors
Define "good evidence" requirements
Build AI-assisted workflows for efficiency
Design and execute control testing procedures
Document control exceptions and track remediation
Partner with Engineering
Develop policy and standards for auditability
Apply AI tools to accelerate audit prep
Mentor GRC team members
How You'll Work.
Team & Collaboration
Partner with Senior Manager of GRC; Work cross-functionally with Engineering, IT, Security, and People teams; Collaborate with external auditors and internal SMEs; Mentor A–B level GRC team members
Communication Scope
Written communication skills; Verbal communication skills; Explain control requirements to auditors and owners; Author control narratives; Prepare audit-ready documentation; Write compliance reports; Run live auditor walkthroughs
Process & Methodology
Lead audit programs; Manage remediation tracking
Full Job Description
1Password is growing. We’ve surpassed $400M in ARR and we’re continuing to accelerate, earning a spot on the Forbes Cloud 100 for four years in a row and teaming up with iconic partners like Oracle Red Bull Racing.
About 1Password
At 1Password, we’re building the foundation for a safe, productive digital future. Our mission is to unleash employee productivity without compromising security by ensuring every identity is authentic, every application sign-in is secure, and every device is trusted. We innovated the market-leading enterprise password manager and pioneered Unified Access Management, a new cybersecurity category built for the way people and AI agents work today.
As one of the most loved brands in cybersecurity, we take a human-centric approach in everything from product strategy to user experience. Over 180,000 businesses, from Fortune 100 leaders to the world’s most innovative AI companies, trust 1Password to help their teams securely adopt the SaaS and AI tools they need to do their best work.
If you're excited about the opportunity to contribute to the digital safety of millions, to work alongside a team of curious, driven individuals, and to solve hard problems in a fast-paced, dynamic environment, then we want to hear from you. Come join us and help shape a safer, simpler digital future.
Good audits don't start when the auditors arrive — they start the moment a control is designed. 1Password is looking for a Senior Security Engineer – GRC Controls and Audit to serve as the technical and methodological anchor for our compliance audit programs. You'll partner directly with the Senior Manager of GRC to lead our commercial audit programs — from evidence collection and control testing to deep technical walkthroughs with external auditors and internal SMEs. You'll own the question of what "good evidence" looks like across SOC 2 Type II, ISO 27001/27017/27018, and ISO 27701, and you'll know where to find it in the systems that generate it. Along the way, you'