View All Jobs 138581

Security Engineer - Remote Eligible

Build and scale automated GRC workflows and dashboards for audit readiness
Remote
Mid-Level
$123,000 – 172,000 USD / year
yesterday
1Password

1Password

Provides secure password management, digital vaults, and identity protection tools for individuals and businesses across devices.
7 Similar Jobs at 1Password

Security Engineer – GRC Automation

1Password is looking for a Security Engineer – GRC Automation to help design and implement automation, dashboards, and integrations that power our Governance, Risk, and Compliance (GRC) operations.

You'll work closely with the Senior Manager of GRC and senior GRC engineers to build automation that scales our security and privacy commitments — from audit readiness and policy enforcement to customer trust workflows. A key focus for this role will be contributing to the operationalization and expansion of our GRC platform (Drata), building and executing AI-assisted workflows that automate evidence collection, control monitoring, and vendor risk.

This is a hands-on technical role for someone who's passionate about making GRC repeatable, visible, and built into how the company works. It sits at the intersection of security engineering, compliance, and platform operations — ideal for someone with a solutions engineering, DevSecOps, or GRC practitioner background who is growing their expertise in high-context, high-impact environments. You'll build things and you'll be expected to understand what you built well enough to explain it — including in auditor-facing conversations.

This is a remote opportunity within Canada and the US.

What We're Looking For

  • 3+ years of experience in security engineering, DevSecOps, solutions engineering, GRC automation, or compliance roles.
  • Experience working with GRC, compliance, or audit teams to support automation for evidence collection, control testing, or security monitoring.
  • Hands-on experience working with GRC platforms (e.g., Drata, Vanta, Tines, JupiterOne) — configuration, integration, or implementation experience is strong signal.
  • Scripting and integration skills using Python, JavaScript, APIs, webhooks, or workflow automation tools — you've built something, not just configured it.
  • Ability to work cross-functionally with security, compliance, legal, and infrastructure teams to translate policies into scalable technical systems.
  • Familiarity with compliance frameworks such as SOC 2, ISO 27001, or NIST 800-53, and how they map to real-world infrastructure and operations.
  • Organizational and delivery skills — you can manage your workstreams with clear milestones, communicate progress proactively, and keep multiple tasks moving without losing quality.
  • Curiosity and experience with AI-assisted workflows — you've experimented with LLMs, agentic tools, or automation pipelines in a GRC or compliance context and can describe what you tried, what worked, and what you'd do differently.
  • Comfortable in auditor-facing settings — you can explain your work clearly to external auditors and senior stakeholders. You know the difference between what you built and what it proves.

Bonus Points For

  • Hands-on experience with event-driven automation platforms like Tines and their use in control validation and alerting.
  • Experience building evidence pipelines, tagging telemetry, or creating compliance dashboards.
  • Familiarity with cloud-native security architecture and its relationship to compliance controls (e.g., AWS IAM, encryption, logging).
  • Experience in customer trust, privacy engineering, or supporting sales/GTM teams with compliance assurance content.
  • Familiarity with EU AI Act, NIST AI RMF, or emerging AI governance frameworks — increasingly relevant as 1Password governs access for AI agents alongside human users.
  • CISA, Security+, or equivalent certification, or actively working toward one.

At 1Password, We Build With AI

At 1Password, using AI to do more with less isn't a bonus — it's how we operate, and it's part of this role from day one. At this level, we're looking for demonstrated curiosity and real builder instincts that are actively developing into hands-on AI automation skills.

  • Active AI user, trending toward builder: You've applied AI tools to a GRC or compliance problem beyond chat Q&A and writing assistance. You've automated something — even a small or personal workflow — and can describe what it did, what you learned, and what you'd build next.
  • Compliance-as-infrastructure mindset: When you encounter a manual GRC process, your first question is whether it can be automated. You bring ideas, not just execution.
  • AI tradeoff awareness: You understand that AI tools have real limitations in compliance workflows — hallucination risk, non-determinism, validation requirements — and you've thought about these in your own work, not just read about them.
  • Systems thinking: When you describe something you built or automated, you can explain the downstream effect, not just the immediate time saved.

What You Can Expect

  • Contribute to the implementation and integration of our GRC platform, executing on integrations and automations that connect Drata to key systems and workflows.
  • Build and maintain automated workflows for control testing, evidence collection, and audit readiness under the direction of senior GRC engineers.
  • Help design and deploy AI-assisted compliance workflows — including evidence collection automation, vendor questionnaire support, and control narrative drafting — with validation steps built in.
  • Develop and maintain integrations between the GRC platform and systems of record (e.g., ticketing systems, IAM, asset inventories, configuration management).
  • Manage your project workstreams with clear scope and milestones — communicating progress and flagging blockers proactively.
  • Build dashboards and reporting to track control health, trust signals, and audit performance.
  • Collaborate with teams across Security, GRC, and Engineering to embed compliance into operational processes like employee onboarding, change management, and incident response.
  • Contribute to the roadmap for automated, resilient internal assurance infrastructure — bringing ideas, executing with quality, and growing toward owning larger workstreams over time.

USA-based roles only: The annual base salary for this role is between $123,000 USD and $172,000 USD, plus immediate participation in 1Password's benefits program (health, dental, 401k and many others), utilization of our generous paid time off, an equity grant and, where applicable, participation in our incentive programs.

Canada-based roles only: The annual base salary for this role is between $111,000 CAD and $155,000 CAD, plus immediate participation in 1Password's generous benefits program (health, dental, RRSP and many others), utilization of our generous paid time off, an equity grant and, where applicable, participation in our incentive programs. At 1Password, we approach each individual's compensation with a promise of fair market value and internal equity commensurate with experience and specific skill set. This posting is for an existing vacancy.

Our culture At 1Password, we prioritize collaboration, clear and transparent communication, receptiveness to feedback, and alignment with our core values: keep it simple, lead with honesty, and put people first. You'll be part of a team that challenges the status quo, and is excited to experiment and iterate in search of the best solution. That said, 1Password is not for everyone. Our work is demanding, we strive for excellence, and the pace is fast. We need people who are keen to take on challenging problems, who seek feedback to grow, and who are driven to make an impact. If you're looking for a place where you can settle into a comfortable routine, this might not be the right fit for you. We're looking for individuals who are proven experts in their fields, as well as those who are highly adaptable, can thrive in ambiguity and through change, are curious, and above all deliver results.

How we work with AI We are committed to leveraging cutting-edge technology—including AI—to achieve our mission. We also understand that thinking critically about AI in its current forms will help us create better solutions for our customers and ourselves with its future forms, which will help us continue to close the gap between security and privacy and achieve our mission. We want team members at all levels to take the approach of actively learning AI best practices, identifying opportunities to apply AI in meaningful ways, and driving innovative solutions in their daily work. Embracing the future of AI isn't just encouraged—it's an essential part of how we will be successful at 1Password.

This approach extends to our hiring process—candidates are welcome to use AI tools responsibly and thoughtfully during the application process.

Our approach to remote work We believe in the power of remote work, but recognize that in-person connection is important to help us achieve our mission. While we are a remote-first company, travel for in-person engagement is a part of almost all roles, and we require

+ Show Original Job Post
Suggest a correction
























Security Engineer - Remote Eligible
Remote
$123,000 – 172,000 USD / year
Engineering
Apply to job
About 1Password
Provides secure password management, digital vaults, and identity protection tools for individuals and businesses across devices.