Staff Security Engineer, Corporate Security

About 1Password

At 1Password, we’re building the foundation for a safe, productive digital future. Our mission is to unleash employee productivity without compromising security by ensuring every identity is authentic, every application sign-in is secure, and every device is trusted. We innovated the market-leading enterprise password manager and pioneered Extended Access Management, a new cybersecurity category built for the way people and AI agents work today. As one of the most loved brands in cybersecurity, we take a human-centric approach in everything from product strategy to user experience. Over 175,000 businesses and millions of people trust us to provide seamless, secure access to their most critical information. 

If you're excited about the opportunity to contribute to the digital safety of millions, to work alongside a team of curious, driven individuals, and to solve hard problems in a fast-paced, dynamic environment, then we want to hear from you. Come join us and help shape a safer, simpler digital future.

The mission of the Corporate Security team is to protect the organization, its assets, and its people by ensuring a safe and secure work environment. We do this by designing scalable, proactive, and user-friendly security programs that empower teams to move quickly - without compromising trust.

• This role will require a specialist that has deep experience in managing, mitigating, and monitoring SaaS risk. This will specifically focus on technical analysis of risk, and understanding how to implement mitigations. They will be expected to take processes and build a program.

• They should be comfortable dealing with ambiguous problem spaces, able to work extremely proactively and independently to build and drive projects to completion, and able to influence effectively without authority.

• They will partner closely with the Corporate Security Manager and other Security leaders to help define team direction, contribute to roadmap planning, and ensure that security investments align with business goals and organizational risk posture.

• As a Staff Security Engineer, this person is expected to lead by example - mentoring and leveling up teammates, sharing context and best practices, and fostering a culture of inclusion, autonomy, and technical excellence within the team.

• This role requires strong technical expertise to meaningfully contribute to the team’s efficiency. The ability to build, automate, and own processes is essential - experience with scripting or coding (e.g., Python, Bash) and infrastructure automation (e.g., Terraform, CI/CD) is a must.

• Equally important are exceptional communication and collaboration skills. This individual must be able to build strong, trust-based relationships with partner teams across the org. We frequently drive changes that impact the entire company - and we do so not as gatekeepers, but as enablers. We strive to be thoughtful, responsive, and solutions-oriented partners to everyone at 1Password.

• Potential work on nights or weekends in the event a significant security issue is discovered.
  
  

This is a remote opportunity within Canada and the US.

What we’re looking for:

• Minimum of 7 years of combined experience in the IT or security space, related to corporate or enterprise security.

• Proven experience designing and building security programs that scale, turning emerging functions into durable, repeatable practices.

• Ability to operate as a technical lead within a Security team, defining roadmaps and guiding architectural decisions.

• Ability to model SaaS threats, assess vendor and integration risks, and harden configurations to mitigate risk across platforms such as Google Workspace, GitHub, or Salesforce. Experience with SSPM platforms is a plus.

• Strong knowledge of SSO, federation, SCIM provisioning, and conditional access policies, and how identity security underpins SaaS adoption.

• Familiarity with device posture enforcement and integrating MDM/EDR data (CrowdStrike, SentinelOne, Kandji, Jamf) with SaaS security workflows to reduce risk.

• Experience with configuration as code (CaC) practices for SaaS and identity systems, ensuring repeatability, visibility, and auditability of security configurations.

• Proficiency in scripting and automation using Python, Bash, Terraform, and CI/CD pipelines, and experience using a SOAR platform (Tines, Torq, Splunk) to automate security workflows.

• Experience being “customer zero” — dogfooding company products internally, and providing actionable feedback that improves both internal adoption and customer value.

• Collaborative mindset, with excellent communication skills, ownership mentality, and a commitment to psychological safety and team development.
  
  

What you can expect:

• Operate as a technical lead to advance the Corporate Security program, building a specialized sub-team, focused on SaaS Security.

• Collaborate with your manager, Security leadership, and IT Engineering to define the vision and roadmap for Corporate Security and the SaaS Security sub-team, turning it from an emerging function into a durable program.

• Represent Corporate Security in cross-functional partnerships, working with IT Engineering, Procurement, and GRC to align roadmaps, improve SaaS management practices, and ensure SaaS adoption and security are handled consistently across the business.

• Collaborate closely with the Endpoint and Identity Corporate Security squads - working together where expertise and workload overlap, and contributing to shared initiatives that span the team.

• Plan, scope, and deliver SaaS Security program foundations, including inventory and visibility, secure configuration standards, configuration drift detection, automation pipelines, and measurable success criteria, while establishing timelines, milestones, and project scope to ensure deliverables are met in alignment with Security OKRs.

• Help uplevel the skills of teammates across squads, sharing SaaS, automation, and program-building expertise to raise the technical bar for the entire team.

• Use data from EDR, MDM, identity providers, our SIEM and SOAR platforms, and SaaS platforms to detect, analyze, and respond to threats.

• Participate in security audits, vendor assessments, and tabletop exercises, ensuring SaaS platforms and integrations meet security and compliance standards.

• Participate in an on-call rotation with potential for work on nights or weekends in the event a significant security issue is identified.
  
  

USA-based roles only: The annual base salary for this role is between $190,000 USD and $258,000 USD, plus immediate participation in 1Password's benefits program (health, dental, 401k and many others), utilization of our generous paid time off, an equity grant and, where applicable, participation in our incentive programs.

Canada-based roles only: The annual base salary for this role is between
$172,000 CAD and $232,000 CAD, plus immediate participation in 1Password’s generous benefits program (health, dental, RRSP and many others), utilization of our generous paid time off, an equity grant and, where applicable, participation in our incentive programs.

At 1Password, we approach each individual's compensation with a promise of fair market value and internal equity commensurate with experience and specific skill set.

Our culture
At 1Password, we prioritize collaboration, clear and transparent communication, receptiveness to feedback, and alignment with our core values: keep it simple, lead with honesty, and put people first.

You’ll be part of a team that challenges the status quo, and is excited to experiment and iterate in search of the best solution. That said, 1Password is not for everyone. Our work is demanding, we strive for excellence, and the pace is fast. We need people who are keen to take on challenging problems, who seek feedback to grow, and who are driven to make an impact. If you're looking for a place where you can settle into a comfortable routine, this might not be the right fit for you. We’re looking for individuals who are proven experts in their fields, as well as those who are highly adaptable, can thrive in ambiguity and through change, are curious, and above all deliver results.

We are committed to leveraging cutting-edge technology—including AI—to achieve our mission. We also understand that thinking critically about AI in its current forms will help us create better solutions for our customers and ourselves with its future forms, which will help us continue to close the gap between security and privacy and achieve our mission. We want team members at all levels to take the approach of actively learning AI best practices, identifying opportunities to apply AI in meaningful ways, and driving innovative solutions in their daily work. Embracing the future of AI isn't just encouraged at 1Password—it's an essential part of how we will be successful at 1Password.

Our approach to remote work
We believe in the power of remote work, but recognize that in-person connection is important to help us achieve our mission. While we are a remote-first company, travel for in-person engagement is a part of almost all roles, and we require our employees to be ready and willing to take part. Frequency will depend on role and responsibilities, and may include, but is not limited to: annual department-wide offsites, team meetings, and customer/industry events.

What we offer
We believe in working hard, and rewarding that hard work through our benefits. While not an exhaustive list, here is a glance at what we currently offer:

Health and wellbeing
👶 Maternity and parental leave top-up programs
🩺 Competitive health benefits
🏝 Generous PTO policy

Growth and future
📈 RSU program for most employees
💸 Retirement matching program
🔑 Free 1Password account

Community
🤝 Paid volunteer days
🏆 Peer-to-peer recognition through Bonusly
🌎 Remote-first work environment
*Some roles in our GTM team are currently being hired for in-person hybrid work in Toronto and Austin. These roles will specify on the posting.

You belong here.

1Password is proud to be an equal opportunity employer. We are committed to fostering an inclusive, diverse and equitable workplace that is built on trust, support and respect. We welcome all individuals and do not discriminate on the basis of gender identity and expression, race, ethnicity, disability, sexual orientation, colour, religion, creed, gender, national origin, age, marital status, pregnancy, sex, citizenship, education, languages spoken or veteran status. Be yourself, find your people and share the things you love.

Accommodation is available upon request at any point during our recruitment process. If you require an accommodation, please speak to your talent acquisition partner or email us at [email protected] and we’ll work to meet your needs.

Remote work is a part of our DNA. Given that our company was founded remotely in 2005, we can safely say we're experts at building remote culture. That said, remote work at 1Password does mean working from your home country. If you've got questions or concerns about this, your talent partner would be happy to address them with you.

Successful applicants will be required to complete a background check that may consist of prior employment verification, reference checks, education confirmation, criminal background, publicly available social media, credit history, or other information, as permitted by local law.

1Password uses artificial intelligence (AI) and machine learning (ML) technologies, including natural language processing and predictive analytics, to assist in the initial screening of employment applications and improve our recruitment process. See here for the latest third party bias audit information. If you prefer not to have your application assessed using AI/ML features, you may opt out by completing this form. For additional information see our Candidate Privacy Notice.