Staff Security Engineer, DevSecOps (Corporate Security)1Password • New York, New York, United States
Staff Security Engineer, DevSecOps (Corporate Security)
1Password
- New York, New York, United States
- New York, New York, United States
Über
Position We are looking for a Staff Security Engineer to found and lead the DevSecOps function within our Corporate Security team. This role works closely with Infrastructure Security and operates at a scope that touches every team that ships code.
This role sits within Corporate Security and reports to the Manager of Corporate Security. This is a remote opportunity within Canada and the US.
What we are looking for
Minimum of 8 years of combined experience in security engineering, DevSecOps, platform security, or closely related engineering roles, with deep focus on securing developer environments, CI/CD, or software supply chains.
Deep, hands‑on expertise in GitHub Enterprise security and governance, including branch protections, secret scanning, access controls, repository standards, Actions security, and audit logging at scale.
Proven ability to design and implement security controls that integrate into CI/CD pipelines without meaningfully degrading developer velocity. Experience with GitHub Actions and familiarity with how pipeline security scales across a large engineering organization.
Solid understanding of software supply chain security within developer environments, including dependency hygiene (npm, pip, and similar), token and secret management, secure package consumption practices, and SBOM generation.
Practical experience solving security challenges introduced by AI‑assisted and agentic development. Evidence of engaging seriously with the problem: making calls about governing AI coding tools in a production environment, defining policy and technical controls for tools like Copilot, Cursor, or Claude Code.
Comfortable making architectural decisions that span multiple teams. Setting standards and patterns that others adopt; designing scalable, reusable security controls that prevent entire classes of future problems.
Strong scripting and automation skills in Python, Bash, Terraform, or similar, with demonstrated ability to build tooling that scales security controls without proportional manual effort.
Ability to build alignment with Platform Engineering and other stakeholders, translate security requirements into developer‑friendly implementations, and influence engineering‑wide standards without direct authority.
A track record of elevating the people around you through mentorship, documentation, and deliberately creating growth opportunities for other engineers.
Experience participating in on‑call rotations and contributing to investigations involving developer tooling, source control, or credential exposure.
What you can expect
Own the DevSecOps function: Build and lead a well‑run, owned developer security program at 1Password. Set the technical direction, define the operating model, and drive it with a counterpart in Infrastructure Security.
Own GitHub and CI/CD security: Lead the program to harden 1Password’s GitHub Enterprise environment and CI/CD pipelines, including governance frameworks, repository standards, Actions security, audit visibility, and secure defaults.
Define AI‑assisted development security: Own the security model for AI coding tools and agentic workflows, building guardrails, governance standards, and ensuring compliance with risk and policy requirements.
Harden the software supply chain: Drive improvements to dependency hygiene, secret management practices, token governance, and secure package consumption across engineering. Design controls that scale with minimal friction.
Set standards that engineering teams actually use: Build secure templates, baseline configurations, and developer‑friendly guardrails adopted because they make work easier.
Partner with Platform Engineering: Work closely with Platform Engineering as a peer‑level security partner, ensuring developer tooling and platform infrastructure embed security.
Elevate the team and the organization: Mentor engineers, distribute ownership to scale impact, and help develop hiring assessments.
Support Corporate Security operations: Participate in the on‑call rotation and investigations involving developer tooling, credential exposure, or workflow misuse.
Compensation USA‑based roles only:
Annual base salary between $192,000 USD and $278,000 USD, plus immediate participation in 1Password’s benefits program (health, dental, 401(k) and many others), generous paid time off, an equity grant, and participation in incentive programs.
Canada‑based roles only:
Annual base salary between $167,000 CAD and $242,000 CAD, plus immediate participation in 1Password’s generous benefits program (health, dental, RRSP and many others), generous paid time off, an equity grant, and participation in incentive programs.
Benefits
Health and wellbeing: Maternity and parental leave top‑up programs; competitive health benefits; generous PTO policy.
Growth and future: RSU program for most employees; retirement matching program; free 1Password account.
Community: Paid volunteer days; peer‑to‑peer recognition through Bonusly; remote‑first work environment.
Equal Opportunity Employer 1Password is proud to be an equal opportunity employer. We are committed to fostering an inclusive, diverse and equitable workplace that is built on trust, support and respect. We welcome all individuals and do not discriminate on the basis of gender identity and expression, race, ethnicity, disability, sexual orientation, colour, religion, creed, gender, national origin, age, marital status, pregnancy, sex, citizenship, education, languages spoken or veteran status. Be yourself, find your people and share the things you love.
#J-18808-Ljbffr
Sprachkenntnisse
- English
Hinweis für Nutzer
Dieses Stellenangebot stammt von einer Partnerplattform von TieTalent. Klick auf „Jetzt Bewerben”, um deine Bewerbung direkt auf deren Website einzureichen.