Senior Security Researcher

🕒 February 20

🇺🇸 United States – Remote

💵 $153k - $214k / year

⏰ Full Time

🟠 Senior

👮‍♂️ Cybersecurity / Security Engineer

🦅 H1B Visa Sponsor

This company has sponsored H1B visas in the past.

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

1Password

WebsiteLinkedInAll Job Openings

501 - 1000 employees

Founded 2009

🔒 Cybersecurity

☁️ SaaS

⚡ Productivity

💰 $620M Series C on 2022-01

Cybersecurity • SaaS • Productivity

1Password is a leading password management and cybersecurity company that offers solutions for both individual and business customers to securely store and manage passwords, secrets, and sensitive information. With features like extended access management (XAM), 1Password empowers users to manage access to every application and web account, ensuring security across all devices with alerts for possible breaches. Trusted by over 150,000 businesses, 1Password provides comprehensive security solutions that enhance productivity by enabling easy and secure sharing of credentials and managing permissions, while maintaining high visibility and control. Their services cater to enterprises and families, providing protection from bad actors in today's SaaS-centric hybrid work environment.

📋 Description

• Conduct original, hands-on research into application-level, protocol-level, and ecosystem-level vulnerabilities in 1Password’s products and the broader identity security landscape; You will discover, validate, and document novel vulnerability classes and attack chains. • Collaborate with peers to develop proof-of-concept exploits and attack demonstrations that validate research findings, illustrate real-world risk, and support engineering teams in understanding and prioritizing remediation efforts. • Investigate security risks at the intersection of AI and identity, including prompt injection, data poisoning, and other AI-based attack vectors. • Author high-quality research publications, white papers, blog posts, and technical advisories; You will have the opportunity to present findings on podcasts, webinars, and at major security conferences that contribute to 1Password’s reputation as a thought leader in identity security. • Engage actively with the global security research community through responsible disclosure, collaborative research, open-source contributions, and participation in industry forums/events. • Partner with Product, Engineering, and Detection teams to translate research findings into actionable security improvements. Provide evidence-based technical guidance that informs product direction and security strategy.

🎯 Requirements

• 4+ years of progressive experience in security research, offensive security, or vulnerability research. • Bachelor’s degree in Computer Science, Computer Engineering, Information Security, or a related field; or equivalent practical experience. • Proven track record of discovering and responsibly disclosing original vulnerabilities, ideally with published CVEs, advisories, or equivalent publicly-recognized findings. • A track record of hands-on experience in vulnerability research, exploit development, or advanced adversarial simulation techniques. • Sufficient domain experience in two or more of the following domains: application security, Linux system internals, Windows system internals, macOS system internals, AI/Agentic security, Web application security, or Mobile application security. • Familiarity with prompt injection, data poisoning, AI design architecture, AI-based attacks, and related vectors. • Proficiency in one or more programming languages such as Go, Rust, Python, Ruby, JavaScript/TypeScript, or equivalent modern languages, with the ability to read and audit code for vulnerabilities. • Consistent history of handling vulnerabilities and disclosures responsibly while engaging constructively with vendors and the research community. • Demonstrable written and verbal communication skills, with a track record of producing technical publications, blog posts, and/or conference talks that clearly convey complex security topics.

🏖️ Benefits

• health, dental, 401k and many others • utilization of our generous paid time off • equity grant