We are excited to welcome a Senior Engineer to join our new Vulnerability Management team at 1Password. Vulnerability Management helps enable 1Password to build and deliver secure products with confidence. We own the end-to-end vulnerability lifecycle including our centralized platform, from identification to remediation and reporting. This includes our bug bounty program, pentesting, supply chain management, and more.
As part of the Vulnerability Management team, this Senior Engineer will focus on rapidly maturing and scaling our vulnerability management program with new agentic AI tooling and workflows, while implementing new vulnerability identification and remediation strategies across our products, platforms, and infrastructure - ensuring that 1Password maintains the highest standards of trust and safety for our users.
As part of this program, the Senior Security Engineer will:
- Design, build, integrate and scale new security solutions to power our vulnerability management program.
- Develop and maintain tools that correlate, enrich, and prioritize security vulnerability findings from multiple data sources.
- Develop and maintain comprehensive dashboards and reporting metrics around our vulnerability management program, tailored to different audiences (technical, non-technical, compliance, senior leadership, etc.).
- Conduct detailed analysis used to inform security development teams to eliminate classes of vulnerabilities.
- Partner with product and development teams to improve vulnerability triage workflows, validate findings, and come up with remediation strategies consistent with good user experiences.
- Contribute to the design of risk-scoring and SLA models that align with business priorities.
- Evaluate, build, and pilot AI-powered tools and workflows that improve the efficiency and effectiveness of vulnerability detection and remediation.
- Mentor other engineers and help shape the evolution of our vulnerability management strategy.
This is a remote opportunity within Canada and the US.
What we're looking for:
- You have 5+ years of career experience in IT or Engineering with a security focus
- You have a passion for and strong experience with any of: bug bounty programs, vulnerability research, validation, remediation or pentesting
- You have experience leveraging AI/ML capabilities to accelerate security workflows, automate repetitive tasks, or enhance detection and remediation efforts
- You have experience with internal tool development and engineering enablement
- You have a strong foundational understanding of software development principles, and are comfortable reading and writing code
- You work well in a team environment with positive communications amongst a variety of technical and non-technical stakeholders
- You are comfortable owning and setting technical direction for small to medium sized initiatives
- You're adaptable and resilient, thriving in fast-paced environments with shifting priorities
Bonus points for:
- Experience with Rust and/or Golang, or a demonstrated ability to pick up new languages quickly.
- Experience with popular compliance standards and certifications (e.g. SOC2, ISO, PCI)
- Experience building or maintaining vulnerability management programs in medium to large sized organizations
- Familiarity with Software Bill of Materials (SBOMs) and their application in vulnerability management and software supply chain risk
USA-based roles only: The annual base salary for this role is between $153,000 USD and $214,000 USD, plus immediate participation in 1Password's benefits program (health, dental, 401k and many others), utilization of our generous paid time off, an equity grant and, where applicable, participation in our incentive programs.
Canada-based roles only: The annual base salary for this role is between $143,000 CAD and $193,000 CAD, plus immediate participation in 1Password's generous benefits program (health, dental, RRSP and many others), utilization of our generous paid time off, an equity grant and, where applicable, participation in our incentive programs.
At 1Password, we approach each individual's compensation with a promise of fair market value and internal equity commensurate with experience and specific skill set.
This posting is for an existing vacancy.