1PASSWORD

Staff Security Engineer, DevSecOps (Corporate Security)

1PASSWORD
$192K — $278K *
US-Anywhere
Remote in United States
Information Technology
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • Minimum of 8 years in security engineering, DevSecOps, or related roles focused on developer environments.
  • Expertise in GitHub Enterprise security and governance practices.
  • Experience integrating security controls into CI/CD pipelines without hindering developer speed.
  • Deep understanding of software supply chain security and dependencies management.
  • Practical experience addressing security challenges of AI-related development.
  • Strong scripting and automation skills in Python, Bash, or Terraform.
  • Ability to influence engineering-wide security standards and mentor peers.

Responsibilities

  • Lead the creation and implementation of the DevSecOps function at 1Password.
  • Enhance security for GitHub Enterprise and CI/CD pipelines through effective governance.
  • Develop security standards for AI-assisted development processes.
  • Improve software supply chain security practices with team collaboration.
  • Create secure templates and configurations for developer adoption.
  • Collaborate with Platform Engineering to embed security in design processes.
  • Mentor and uplift the team's security capabilities and contribute to hiring efforts.

Benefits

  • Remote-first work environment with some expectations for in-person connection.
  • Health and well-being programs, including maternity and parental leave top-ups.
  • Generous paid time off policy.
  • Retirement matching programs and RSU grants for employees.
  • Paid volunteer days and peer recognition programs.

Full Job Description

We're looking for a Staff Security Engineer to found and lead the DevSecOps function within our Corporate Security team. You'll have real ownership and latitude to shape how developer security works at 1Password. That means setting the technical vision, driving the standards and controls that engineering teams rely on, and building a well-run program that scales with the organization. This role works in close partnership with Infrastructure Security, and operates at a scope that touches every team that ships code.

This role sits within Corporate Security and reports to the Manager of Corporate Security. This is a remote opportunity within Canada and the US.

What we're looking for:

  • Minimum of 8 years of combined experience in security engineering, DevSecOps, platform security, or closely related engineering roles, with deep focus on securing developer environments, CI/CD, or software supply chains.
  • Deep, hands-on expertise in GitHub Enterprise security and governance, including branch protections, secret scanning, access controls, repository standards, Actions security, and audit logging at scale.
  • Proven ability to design and implement security controls that integrate into CI/CD pipelines without meaningfully degrading developer velocity. Experience with GitHub Actions and familiarity with how pipeline security scales across a large engineering organization.
  • Solid understanding of software supply chain security within developer environments, including dependency hygiene (npm, pip, and similar), token and secret management, secure package consumption practices, and SBOM generation.
  • Practical experience solving security challenges introduced by AI-assisted and agentic development. We are looking for evidence that you've engaged seriously with the problem: you've made real calls about how to govern AI coding tools in a production environment, defined policy and technical controls for tools like Copilot, Cursor, or Claude Code.
  • Comfortable making architectural decisions that span multiple teams. You set standards and patterns that other engineers adopt; you don't just produce individual deliverables. Experience designing scalable, reusable security controls that prevent entire classes of future problems.
  • Strong scripting and automation skills in Python, Bash, Terraform, or similar, with demonstrated ability to build tooling that scales security controls without proportional manual effort.
  • Ability to build alignment with Platform Engineering and other engineering stakeholders, translate security requirements into developer-friendly implementations, and influence engineering-wide standards without direct authority.
  • A track record of elevating the people around you through mentorship, documentation, and deliberately creating growth opportunities for other engineers. Staff-level impact means the team gets better because you're in it.
  • Experience participating in on-call rotations and contributing to investigations involving developer tooling, source control, or credential exposure. Familiarity is a must, expertise is a nice to have.

What you can expect:

  • Own the DevSecOps function: You'll have the latitude and mandate to build a well-run, properly owned developer security program at 1Password. You'll set the technical direction, define the operating model, and drive it with a counterpart in Infrastructure Security. This is a high-ownership, high-impact role, and the decisions you make here will shape how engineering builds securely for years.
  • Own GitHub and CI/CD security: Lead the program to harden 1Password's GitHub Enterprise environment and CI/CD pipelines. This includes governance frameworks, repository standards, Actions security, audit visibility, and the controls that make secure defaults the easy path for engineering teams.
  • Define AI-assisted development security: As 1Password's engineering teams adopt AI coding tools and agentic workflows, you'll own the security model for how that happens. You'll build the guardrails, define the governance standards, and ensure that agentic and AI-generated code workflows meet our risk and compliance requirements. This is a genuinely novel problem space and you'll be setting the direction, not following a playbook.
  • Harden the software supply chain: Drive and work with partner teams on improvements to dependency hygiene, secret management practices, token governance, and secure package consumption across the engineering organization. Design controls that scale and that teams can adopt with minimal friction.
  • Set standards engineering teams actually use: Build secure templates, baseline configurations, and developer-friendly guardrails that engineering teams adopt because they make their work easier, not just because security requires it. Good DevSecOps is invisible when it works.
  • Partner with Platform Engineering: Work closely with Platform Engineering as a peer-level security partner, ensuring that developer tooling and platform infrastructure evolve with security embedded in the design rather than added after the fact.
  • Elevate the team and the org: Mentor engineers across Corporate Security and the broader Security Operations organization. Actively distribute ownership to scale your impact and create growth opportunities for others. Contribute to the hiring process and help develop how we assess candidates.
  • Support Corporate Security operations: Participate in the Corporate Security on-call rotation. Contribute to investigations involving developer tooling, credential exposure, or workflow misuse when they arise.

USA-based roles only: The annual base salary for this role is between $192,000 USD and $278,000 USD, plus immediate participation in 1Password's benefits program (health, dental, 401k and many others), utilization of our generous paid time off, an equity grant and, where applicable, participation in our incentive programs.

Canada-based roles only: The annual base salary for this role is between $167,000 CAD and $242,000 CAD, plus immediate participation in 1Password's generous benefits program (health, dental, RRSP and many others), utilization of our generous paid time off, an equity grant and, where applicable, participation in our incentive programs.

At 1Password, we approach each individual's compensation with a promise of fair market value and internal equity commensurate with experience and specific skill set.

This posting is for an existing vacancy.

What we offer

We believe in working hard, and rewarding that hard work through our benefits. While not an exhaustive list, here is a glance at what we currently offer:

Health and wellbeing

  • Maternity and parental leave top-up programs
  • Competitive health benefits
  • Generous PTO policy

Growth and future

  • RSU program for most employees
  • Retirement matching program
  • Free 1Password account

Community

  • Paid volunteer days
  • Peer-to-peer recognition through Bonusly
  • Remote-first work environment

*Some roles in our GTM team are currently being hired for in-person hybrid work in Toronto and Austin. These roles will specify on the posting.

Our culture

At 1Password, we prioritize collaboration, clear and transparent communication, receptiveness to feedback, and alignment with our core values: keep it simple, lead with honesty, and put people first. You'll be part of a team that challenges the status quo, and is excited to experiment and iterate in search of the best solution. That said, 1Password is not for everyone. Our work is demanding, we strive for excellence, and the pace is fast.
We need people who are keen to take on challenging problems, who seek feedback to grow, and who are driven to make an impact. If you're looking for a place where you can settle into a comfortable routine, this might not be the right fit for you. We're looking for individuals who are proven experts in their fields, as well as those who are highly adaptable, can thrive in ambiguity and through change, are curious, and above all deliver results.

How we work with AI

We are committed to leveraging cutting-edge technology, including AI, to achieve our mission. We also understand that thinking critically about AI in its current forms will help us create better solutions for our customers and ourselves with its future forms, which will help us continue to close the gap between security and privacy and achieve our mission. We want team members at all levels to take the approach of actively learning AI best practices, identifying opportunities to apply AI in meaningful ways, and driving innovative solutions in their daily work. Embracing the future of AI isn't just encouraged; it's an essential part of how we will be successful at 1Password. This approach extends to our hiring process: candidates are welcome to use AI tools responsibly and thoughtfully during the application process.

Our approach to remote work

We believe in the power of remote work, but recognize that in-person connection is important to help us achieve our mission. While we are a remote-first company, travel for in-person engagement is a part of almost all roles, and we require our employees to be ready and willing to take part. Frequency will depend on role and responsibilities, and may include, but is not limited to: annual department-wide offsites, team meetings, and customer/industry events.
