11 days ago

Senior Security Engineer, GRC Automation

1Password

Hybrid
Full Time
$183,000

Job Overview

Job Title: Senior Security Engineer, GRC Automation
Job Type: Full Time
Category: Commerce
Experience: 5 Years
Degree: Master
Offered Salary: $183,000
Location: Hybrid

Job Description

About 1Password

1Password is growing faster than ever, surpassing $400M in ARR and consistently earning a spot on the Forbes Cloud 100. We’ve also teamed up with iconic partners like Oracle Red Bull Racing. At 1Password, our mission is to build the foundation for a safe, productive digital future by unleashing employee productivity without compromising security. We achieve this by ensuring every identity is authentic, every application sign-in is secure, and every device is trusted. We pioneered Extended Access Management, a new cybersecurity category built for today's work environment. As one of the most loved brands in cybersecurity, we adopt a human-centric approach in all aspects of our work. Over 180,000 businesses globally trust 1Password to help their teams securely adopt the SaaS and AI tools they need.

If you are excited to contribute to the digital safety of millions, work alongside a curious and driven team, and solve complex problems in a fast-paced environment, we encourage you to join us in shaping a safer, simpler digital future.

The Role

Trust is earned – and at 1Password, we are building systems to earn it at scale. We are seeking a Senior Security Engineer, GRC Automation to design and implement automation, dashboards, and integrations that power our Governance, Risk, and Compliance (GRC) operations. You will partner directly with the Senior Manager of GRC to build automation that scales our security and privacy commitments, covering audit readiness, policy enforcement, and customer trust workflows. A primary focus will be operationalizing our newly selected GRC platform, integrating it with internal systems, and ensuring it supports automated, scalable assurance processes across the organization.

This is a hands-on technical role for an individual passionate about making GRC repeatable, visible, and integrated into how the company operates. It sits at the intersection of security engineering, compliance, and platform operations, making it ideal for someone with a solutions engineering or DevSecOps background who thrives in high-context, high-impact environments. This is a remote opportunity within the US or Canada.

What We're Looking For

  • 5+ years of experience in security engineering, DevSecOps, solutions engineering, or GRC automation roles.
  • Proven experience working with GRC, compliance, or audit teams to build automation that supports evidence collection, control testing, or security monitoring.
  • Direct experience implementing and integrating GRC platforms (e.g., Drata, Vanta, Tines, JupiterOne) into production environments.
  • Strong scripting and integration skills using Python, JavaScript, APIs, webhooks, or workflow automation tools.
  • Ability to work cross-functionally with security, compliance, legal, and infrastructure teams to translate policies into scalable technical systems.
  • Familiarity with compliance frameworks such as SOC 2, ISO 27001, or NIST 800-53, and how they map to real-world infrastructure and operations.

Bonus Points If You Have

  • Hands-on experience with event-driven automation platforms like Tines and their use in control validation and alerting.
  • Expertise in building evidence pipelines, tagging telemetry, or creating GRC dashboards in tools like Looker or Metabase.
  • Strong understanding of cloud-native security architecture and its relationship to compliance controls (e.g., AWS IAM, encryption, logging).
  • Experience working in customer trust, privacy engineering, or supporting sales/GTM teams with compliance assurance content.

What You Can Expect

  • Lead the implementation and integration of our GRC platform, ensuring it is fully operationalized across key systems and workflows.
  • Build out automated workflows for control testing, evidence collection, and audit readiness.
  • Develop and maintain integrations between the GRC platform and systems of record (e.g., ticketing systems, IAM, asset inventories, configuration management).
  • Design dashboards and reporting to track control health, trust signals, and audit performance.
  • Collaborate with teams across Security, GRC, and Engineering to embed compliance into operational processes like employee onboarding, change management, and incident response.
  • Shape the roadmap for automated, resilient internal assurance infrastructure that grows alongside the business.

Our Culture

At 1Password, we prioritize collaboration, clear and transparent communication, receptiveness to feedback, and alignment with our core values: keep it simple, lead with honesty, and put people first. You'll be part of a team that challenges the status quo, and is excited to experiment and iterate in search of the best solution. Our work is demanding, we strive for excellence, and the pace is fast. We seek individuals who are keen to take on challenging problems, seek feedback to grow, and are driven to make an impact. We're looking for proven experts who are also highly adaptable, thrive in ambiguity and through change, are curious, and above all, deliver results.

How We Work With AI

We are committed to leveraging cutting-edge technology, including AI, to achieve our mission. We believe critical thinking about AI will help us create better solutions for our customers and ourselves. We encourage team members at all levels to actively learn AI best practices, identify opportunities to apply AI meaningfully, and drive innovative solutions in their daily work. Embracing the future of AI isn't just encouraged—it's an essential part of our success at 1Password. Candidates are welcome to use AI tools responsibly and thoughtfully during the application process.

Our Approach to Remote Work

We believe in the power of remote work and are a remote-first company, founded remotely in 2005. While remote, we recognize the importance of in-person connection. Travel for in-person engagement is part of almost all roles, including annual department-wide offsites, team meetings, and customer/industry events. Remote work at 1Password means working from your home country (US or Canada for this role).

What We Offer

We believe in working hard and rewarding that hard work through our benefits. Here is a glance at what we currently offer:

  • Health and wellbeing: Maternity and parental leave top-up programs, competitive health benefits, generous PTO policy.
  • Growth and future: RSU program for most employees, retirement matching program, free 1Password account.
  • Community: Paid volunteer days, peer-to-peer recognition through Bonusly, remote-first work environment.

You Belong Here

1Password is proud to be an equal opportunity employer committed to fostering an inclusive, diverse, and equitable workplace built on trust, support, and respect. We welcome all individuals and do not discriminate based on various personal characteristics. Accommodation is available upon request at any point during our recruitment process.

Successful applicants will be required to complete a background check. 1Password uses AI and machine learning technologies to assist in the initial screening of employment applications. You may opt out by completing a form if you prefer not to have your application assessed using AI/ML features.

Key skills/competency

  • Security Engineering
  • GRC Automation
  • Python
  • JavaScript
  • APIs
  • GRC Platforms
  • SOC 2
  • ISO 27001
  • NIST 800-53
  • Cloud Security

Tags:

Senior Security Engineer, GRC Automation
GRC
Automation
Compliance
Security Operations
Audit Readiness
Policy Enforcement
Risk Management
Integrations
Control Testing
Reporting
Python
JavaScript
APIs
GRC Platforms
Workflow Automation
Cloud Security
AWS IAM
Tines
Drata
Vanta

How to Get Hired at 1Password

  • Research 1Password's culture: Study their mission, values (simplicity, honesty, people first), recent news, and employee testimonials on LinkedIn and Glassdoor.
  • Highlight GRC Automation expertise: Showcase proven experience with GRC platforms (Drata, Vanta, Tines) and strong scripting skills in Python or JavaScript.
  • Demonstrate cross-functional collaboration: Provide concrete examples of successfully working with security, compliance, legal, and infrastructure teams to achieve shared goals.
  • Showcase compliance framework knowledge: Discuss your practical experience applying SOC 2, ISO 27001, or NIST 800-53 to real-world infrastructure and operations.
  • Emphasize problem-solving in fast-paced environments: Relate past achievements to 1Password's dynamic work culture, focusing on adaptability and impact.
