
Senior Security Engineer, Incident Response
1Password · United States
- Hybrid
- Full-time
- $153,000 / year
- United States
Email the hiring manager to get a response.
Get their verified email + an intro that's ready to send.
Subject: Interested in the Senior Security Engineer, Incident Response role at 1Password
Hi Avery — I came across the Senior Security Engineer, Incident Response opening and wanted to reach out directly. I've spent the last few years doing exactly this kind of work, and 1Password stood out because…
✎ Personalized to your résumé after sign-up.
- ✓ Verified email of the hiring manager
- ✓ Intro email personalized to your résumé
- ✓ $9/mo = unlimited — any job link
Secure checkout · cancel anytime
Job highlights
- Lead complex security investigations and build response automation.
- Engineer systems and workflows for faster response.
- Drive incidents end-to-end with ownership.
- Collaborate with diverse stakeholders in high-pressure situations.
- Improve security operations with new technologies.
About the role
About 1Password
1Password is growing. We’ve surpassed $400M in ARR and we’re continuing to accelerate, earning a spot on the Forbes Cloud 100 for four years in a row and teaming up with iconic partners like Oracle Red Bull Racing.
At 1Password, we’re building the foundation for a safe, productive digital future. Our mission is to unleash employee productivity without compromising security by ensuring every identity is authentic, every application sign-in is secure, and every device is trusted. We innovated the market-leading enterprise password manager and pioneered Unified Access Management, a new cybersecurity category built for the way people and AI agents work today. As one of the most loved brands in cybersecurity, we take a human-centric approach in everything from product strategy to user experience. Over 180,000 businesses, from Fortune 100 leaders to the world’s most innovative AI companies, trust 1Password to help their teams securely adopt the SaaS and AI tools they need to do their best work.
If you're excited about the opportunity to contribute to the digital safety of millions, to work alongside a team of curious, driven individuals, and to solve hard problems in a fast-paced, dynamic environment, then we want to hear from you. Come join us and help shape a safer, simpler digital future.
About the Security Operations Team
At 1Password, security isn’t just a feature – it’s our foundation. The Security Operations team’s mission is to protect the business by securing the systems, tools, and processes that power how we work. Our mission is to keep 1Password productive, resilient, and safe through proactive monitoring, rapid response, and continuous improvement of preventative and detective controls.
About the Role
As a Senior Security Engineer on the Incident Response team, you will lead complex security investigations while also building the systems and automation that make response faster, more reliable, and more scalable.
This role blends deep investigative expertise, hands-on engineering, and structured incident coordination. You will drive incidents end-to-end, build automation and workflows that reduce response friction, and contribute to a culture of learning and psychological safety during high-pressure situations.
This is a high-impact role with meaningful ownership across both incident execution and operational engineering. This role reports to the Manager of Security Incident Response.
How We’re Using AI Today
Our Engineering, Product, and Design teams are thoughtfully integrating AI across the full software and product development lifecycle to move faster without sacrificing quality or security. In practice, that looks like engineers using AI-assisted coding tools to accelerate reviews and catch bugs earlier, product managers synthesizing user research at scale, and designers rapidly prototyping and iterating with AI-generated mockups. We approach AI the same way we approach security: with clear principles, human accountability at every consequential decision point, and rigorous evaluation before anything ships to customers.
This is a remote opportunity within Canada and the US.
What We're Looking For
- An experienced incident lead who can independently drive complex investigations and coordinate diverse stakeholders.
- A builder who enjoys improving systems, automation, and workflows – not just responding to alerts.
- Calm and decisive under pressure, with strong judgment in ambiguous or high-severity situations.
- Structured and organized, with strong project management skills to own complex projects.
- A clear communicator who can translate technical findings into actionable guidance for both technical and non-technical audiences.
- A collaborative teammate who values blameless learning and psychological safety.
- 5+ years of experience in security incident response roles, with 3+ years focused on security engineering and automation.
- Proven experience leading complex security incidents in cloud-native or SaaS environments.
- Experience building automation or internal tooling to improve security operations.
- Proficiency in scripting or programming (e.g., Python, Go, Bash) and working with APIs or orchestration platforms.
- Familiarity with applying AI/ML-assisted workflows to operational security use cases.
- Strong understanding of modern attacker techniques and incident response methodologies.
- Strong written and verbal communication skills, including executive-facing summaries.
What You Can Expect
- Lead and execute security incidents end-to-end, from initial signal through containment, recovery, and post-incident review.
- Assess severity, declare incidents, and drive structured coordination and decision-making during active response.
- Perform hands-on investigations and threat hunting to determine root cause, attacker behavior, scope, and impact.
- Design and build automation to reduce triage, investigation, and response time.
- Develop scalable systems and workflows that improve incident response and incident management.
- Identify recurring pain points and detection/response gaps, and implement durable engineering solutions.
- Improve incident response playbooks, case management, and orchestration tooling.
- Apply AI-assisted tooling to enhance triage, enrichment, and investigative workflows while maintaining accuracy.
Compensation - USA
The annual base salary for this role is between $153,000 USD and $214,000 USD plus immediate participation in 1Password's benefits program (health, dental, 401k and many others), utilization of our generous paid time off, an equity grant and, where applicable, participation in our incentive programs.
Compensation - Canada
The annual base salary for this role is between $144,000 CAD and $202,000 CAD plus immediate participation in 1Password’s generous benefits program (health, dental, RRSP and many others), utilization of our generous paid time off, an equity grant and, where applicable, participation in our incentive programs.
At 1Password, we approach each individual's compensation with a promise of fair market value and internal equity commensurate with experience and specific skill set.
Our Culture
At 1Password, we prioritize collaboration, clear and transparent communication, receptiveness to feedback, and alignment with our core values: keep it simple, lead with honesty, and put people first.
You’ll be part of a team that challenges the status quo, and is excited to experiment and iterate in search of the best solution. That said, 1Password is not for everyone. Our work is demanding, we strive for excellence, and the pace is fast. We need people who are keen to take on challenging problems, who seek feedback to grow, and who are driven to make an impact. If you're looking for a place where you can settle into a comfortable routine, this might not be the right fit for you. We’re looking for individuals who are proven experts in their fields, as well as those who are highly adaptable, can thrive in ambiguity and through change, are curious, and above all deliver results.
We are committed to leveraging cutting-edge technology—including AI—to achieve our mission. We also understand that thinking critically about AI in its current forms will help us create better solutions for our customers and ourselves with its future forms, which will help us continue to close the gap between security and privacy and achieve our mission. We want team members at all levels to take the approach of actively learning AI best practices, identifying opportunities to apply AI in meaningful ways, and driving innovative solutions in their daily work. Embracing the future of AI isn't just encouraged at 1Password—it's an essential part of how we will be successful at 1Password.
Our Approach to Remote Work
We believe in the power of remote work, but recognize that in-person connection is important to help us achieve our mission. While we are a remote-first company, travel for in-person engagement is a part of almost all roles, and we require our employees to be ready and willing to take part. Frequency will depend on role and responsibilities, and may include, but is not limited to: annual department-wide offsites, team meetings, and customer/industry events.
What We Offer
We believe in working hard, and rewarding that hard work through our benefits. While not an exhaustive list, here is a glance at what we currently offer:
Health and Wellbeing
- Maternity and parental leave top-up programs
- Generous PTO policy
- Four company-wide wellness days
Growth and Future
- Company equity for all full-time employees
- Retirement matching program
- Free 1Password account
Community
- Paid volunteer days
- Employee-led inclusion and belonging programs and ERGs
- Peer-to-peer recognition through Bonusly
You belong here.
1Password is proud to be an equal opportunity employer. We are committed to fostering an inclusive, diverse and equitable workplace that is built on trust, support and respect. We welcome all individuals and do not discriminate on the basis of gender identity and expression, race, ethnicity, disability, sexual orientation, colour, religion, creed, gender, national origin, age, marital status, pregnancy, sex, citizenship, education, languages spoken or veteran status. Be yourself, find your people and share the things you love.
Accommodation is available upon request at any point during our recruitment process. If you require an accommodation, please speak to your talent acquisition partner or email us at nextbit@agilebits.com and we’ll work to meet your needs.
Remote work is a part of our DNA. Given that our company was founded remotely in 2005, we can safely say we're experts at building remote culture. That said, remote work at 1Password does mean working from your home country. If you've got questions or concerns about this, your talent partner would be happy to address them with you.
Successful applicants will be required to complete a background check that may consist of prior employment verification, reference checks, education confirmation, criminal background, publicly available social media, credit history, or other information, as permitted by local law.
1Password uses artificial intelligence (AI) and machine learning (ML) technologies, including natural language processing and predictive analytics, to assist in the initial screening of employment applications and improve our recruitment process. See here for the latest third party bias audit information. If you prefer not to have your application assessed using AI/ML features, you may opt out by completing this form. For additional information see our Candidate Privacy Notice.
Key skills/competency
- Incident Response
- Security Engineering
- Automation
- Cloud Security
- SaaS Security
- Threat Hunting
- Scripting (Python, Go, Bash)
- API Integration
- Incident Management
- AI/ML Security
Skills & topics
- Senior Security Engineer
- Incident Response
- Security Operations
- Cybersecurity
- SaaS Security
- Cloud Security
- Automation
- Threat Hunting
- Python
- Go
- Bash
- API
- AI
- ML
- Remote
- 1Password
How to get hired
- Tailor your resume: Highlight incident response, security engineering, and automation experience. Quantify achievements in cloud/SaaS environments.
- Showcase technical skills: Emphasize proficiency in Python, Go, Bash, APIs, and AI/ML workflows.
- Demonstrate leadership: Provide examples of leading complex incidents and coordinating stakeholders effectively.
- Address remote work: Confirm your ability to work remotely within Canada or the US and willingness for travel.
- Prepare for interviews: Be ready to discuss incident scenarios, problem-solving approaches, and collaboration style.
Technical preparation
Behavioral questions
Frequently asked questions
- What is the work arrangement for the Senior Security Engineer, Incident Response role at 1Password?
- This is a remote position open to candidates within Canada and the US. While 1Password is remote-first, be prepared for potential travel for in-person engagements like team meetings or industry events.
- What are the salary ranges for the Senior Security Engineer, Incident Response position at 1Password?
- For USA-based roles, the annual base salary is between $153,000 and $214,000 USD. For Canada-based roles, the salary ranges from $144,000 to $202,000 CAD. Compensation is determined by experience and skill set.
- Does 1Password use AI in its hiring process for the Senior Security Engineer role?
- Yes, 1Password uses AI and ML for initial screening to improve the recruitment process. You have the option to opt out of AI/ML assessment by completing a provided form.
- What kind of technical skills are most important for the Senior Security Engineer, Incident Response role?
- Key technical skills include 5+ years in security incident response, 3+ years in security engineering/automation, experience with cloud-native/SaaS environments, proficiency in scripting (Python, Go, Bash), API work, and familiarity with AI/ML in security.
- How does 1Password foster a positive culture for its Senior Security Engineer, Incident Response team?
- 1Password emphasizes collaboration, clear communication, feedback, and core values like 'keep it simple,' 'lead with honesty,' and 'put people first.' They promote a culture of learning, psychological safety, and tackling challenging problems.
- What are the key responsibilities of a Senior Security Engineer on the Incident Response team at 1Password?
- You will lead complex security investigations, build automation and systems to improve response times, drive incidents end-to-end, and contribute to a culture of learning during high-pressure situations.
- What is 1Password's stance on remote work for the Senior Security Engineer, Incident Response role?
- 1Password is a remote-first company and this role is open to candidates in Canada and the US. Remote work means working from your home country, but occasional travel for team events may be required.
Similar roles
Open positions we recommend based on this role.
