Staff Security Engineer, DevSecOps

🕒 May 3

🏄 California, New York – Remote

🏄 California – Remote 🗽 New York – Remote

💵 $192k - $278k / year

⏰ Full Time

🔴 Lead

⛑ DevOps & Site Reliability Engineer (SRE)

🦅 H1B Visa Sponsor

This company has sponsored H1B visas in the past.

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

1Password

WebsiteLinkedInAll Job Openings

501 - 1000 employees

Founded 2009

🔒 Cybersecurity

☁️ SaaS

⚡ Productivity

💰 $620M Series C on 2022-01

Cybersecurity • SaaS • Productivity

1Password is a leading password management and cybersecurity company that offers solutions for both individual and business customers to securely store and manage passwords, secrets, and sensitive information. With features like extended access management (XAM), 1Password empowers users to manage access to every application and web account, ensuring security across all devices with alerts for possible breaches. Trusted by over 150,000 businesses, 1Password provides comprehensive security solutions that enhance productivity by enabling easy and secure sharing of credentials and managing permissions, while maintaining high visibility and control. Their services cater to enterprises and families, providing protection from bad actors in today's SaaS-centric hybrid work environment.

📋 Description

• You'll have real ownership and latitude to shape how developer security works at 1Password. • Setting the technical vision, driving the standards and controls that engineering teams rely on, and building a well-run program that scales with the organization. • This role works in close partnership with Infrastructure Security. • Own the DevSecOps function: You'll have the latitude and mandate to build a well-run, properly owned developer security program at 1Password. • Lead the program to harden 1Password's GitHub Enterprise environment and CI/CD pipelines. • Define AI-assisted development security: As 1Password's engineering teams adopt AI coding tools and agentic workflows, you'll own the security model for how that happens. • Drive and work with partner teams on improvements to dependency hygiene, secret management practices, token governance, and secure package consumption across the engineering organization. • Build secure templates, baseline configurations, and developer-friendly guardrails that engineering teams adopt.

🎯 Requirements

• Minimum of 8 years of combined experience in security engineering, DevSecOps, platform security, or closely related engineering roles, with deep focus on securing developer environments, CI/CD, or software supply chains. • Deep, hands-on expertise in GitHub Enterprise security and governance, including branch protections, secret scanning, access controls, repository standards, Actions security, and audit logging at scale. • Proven ability to design and implement security controls that integrate into CI/CD pipelines without meaningfully degrading developer velocity. • Solid understanding of software supply chain security within developer environments, including dependency hygiene (npm, pip, and similar), token and secret management, secure package consumption practices, and SBOM generation. • Practical experience solving security challenges introduced by AI-assisted and agentic development. • Comfortable making architectural decisions that span multiple teams. • Strong scripting and automation skills in Python, Bash, Terraform, or similar. • Ability to build alignment with Platform Engineering and other engineering stakeholders. • A track record of elevating the people around you through mentorship, documentation, and deliberately creating growth opportunities for other engineers. • Experience participating in on-call rotations and contributing to investigations involving developer tooling, source control, or credential exposure.

🏖️ Benefits

• immediate participation in 1Password's benefits program (health, dental, 401k and many others) • utilization of our generous paid time off • an equity grant • participation in our incentive programs