Job Specifications
About 1Password
At 1Password, we're building the foundation for a safe, productive digital future. Our mission is to unleash employee productivity without compromising security by ensuring every identity is authentic, every application sign-in is secure, and every device is trusted. We innovated the market-leading enterprise password manager and pioneered Extended Access Management, a new cybersecurity category built for the way people and AI agents work today. As one of the most loved brands in cybersecurity, we take a human-centric approach in everything from product strategy to user experience. Over 175,000 businesses and millions of people trust us to provide seamless, secure access to their most critical information.
If you're excited about the opportunity to contribute to the digital safety of millions, to work alongside a team of curious, driven individuals, and to solve hard problems in a fast-paced, dynamic environment, then we want to hear from you. Come join us and help shape a safer, simpler digital future.
The mission of the Corporate Security team is to protect the organization, its assets, and its people by ensuring a safe and secure work environment. We do this by designing scalable, proactive, and user-friendly security programs that empower teams to move quickly - without compromising trust.
This role will require a specialist that has deep experience in managing, mitigating, and monitoring SaaS risk. This will specifically focus on technical analysis of risk, and understanding how to implement mitigations. They will be expected to take processes and build a program.
They should be comfortable dealing with ambiguous problem spaces, able to work extremely proactively and independently to build and drive projects to completion, and able to influence effectively without authority.
They will partner closely with the Corporate Security Manager and other Security leaders to help define team direction, contribute to roadmap planning, and ensure that security investments align with business goals and organizational risk posture.
As a Staff Security Engineer, this person is expected to lead by example - mentoring and leveling up teammates, sharing context and best practices, and fostering a culture of inclusion, autonomy, and technical excellence within the team.
This role requires strong technical expertise to meaningfully contribute to the team's efficiency. The ability to build, automate, and own processes is essential - experience with scripting or coding (e.g., Python, Bash) and infrastructure automation (e.g., Terraform, CI/CD) is a must.
Equally important are exceptional communication and collaboration skills. This individual must be able to build strong, trust-based relationships with partner teams across the org. We frequently drive changes that impact the entire company - and we do so not as gatekeepers, but as enablers. We strive to be thoughtful, responsive, and solutions-oriented partners to everyone at 1Password.
Potential work on nights or weekends in the event a significant security issue is discovered.
This is a remote opportunity within Canada and the US.
What We're Looking For
Minimum of 7 years of combined experience in the IT or security space, related to corporate or enterprise security.
Proven experience designing and building security programs that scale, turning emerging functions into durable, repeatable practices.
Ability to operate as a technical lead within a Security team, defining roadmaps and guiding architectural decisions.
Ability to model SaaS threats, assess vendor and integration risks, and harden configurations to mitigate risk across platforms such as Google Workspace, GitHub, or Salesforce. Experience with SSPM platforms is a plus.
Strong knowledge of SSO, federation, SCIM provisioning, and conditional access policies, and how identity security underpins SaaS adoption.
Familiarity with device posture enforcement and integrating MDM/EDR data (CrowdStrike, SentinelOne, Kandji, Jamf) with SaaS security workflows to reduce risk.
Experience with configuration as code (CaC) practices for SaaS and identity systems, ensuring repeatability, visibility, and auditability of security configurations.
Proficiency in scripting and automation using Python, Bash, Terraform, and CI/CD pipelines, and experience using a SOAR platform (Tines, Torq, Splunk) to automate security workflows.
Experience being "customer zero" -- dogfooding company products internally, and providing actionable feedback that improves both internal adoption and customer value.
Collaborative mindset, with excellent communication skills, ownership mentality, and a commitment to psychological safety and team development.
What You Can Expect
Operate as a technical lead to advance the Corporate Security program, building a specialized sub-team, focused on SaaS Security.
Collaborate with your manager, Security leadership, and IT Engineering to define the vision and roadmap for Corporate Security and th