Staff Security Engineer, DevSecOps

📋 Description

• You will have genuine ownership and the flexibility to influence the direction of developer security at 1Password.

• Establish the technical vision, set the standards and controls that engineering teams depend on, and create a well-managed program that scales alongside the organization.

• This position collaborates closely with Infrastructure Security.

• Take charge of the DevSecOps function: You will have the authority and responsibility to develop a well-structured, effectively managed developer security program at 1Password.

• Lead the initiative to enhance the security of 1Password's GitHub Enterprise environment and CI/CD pipelines.

• Define the security framework for AI-assisted development: As the engineering teams at 1Password integrate AI coding tools and autonomous workflows, you will oversee the associated security model.

• Collaborate with partner teams to enhance dependency hygiene, secret management practices, token governance, and secure package consumption throughout the engineering organization.

• Create secure templates, baseline configurations, and developer-friendly guardrails that engineering teams will adopt.

⛳️ Requirements

• A minimum of 8 years of combined experience in security engineering, DevSecOps, platform security, or closely related engineering roles, with a strong emphasis on securing developer environments, CI/CD, or software supply chains.

• In-depth, hands-on knowledge of GitHub Enterprise security and governance, including branch protections, secret scanning, access controls, repository standards, Actions security, and large-scale audit logging.

• Demonstrated ability to design and implement security controls that seamlessly integrate into CI/CD pipelines without significantly impacting developer velocity.

• Comprehensive understanding of software supply chain security within developer environments, covering dependency hygiene (npm, pip, and similar), token and secret management, secure package consumption practices, and SBOM generation.

• Practical experience addressing security challenges posed by AI-assisted and autonomous development.

• Comfortable making architectural decisions that involve multiple teams.

• Strong scripting and automation capabilities in Python, Bash, Terraform, or similar languages.

• Ability to foster alignment with Platform Engineering and other engineering stakeholders.

• A proven history of uplifting colleagues through mentorship, documentation, and intentionally creating growth opportunities for fellow engineers.

• Experience in participating in on-call rotations and contributing to investigations related to developer tooling, source control, or credential exposure.

🏝️ Benefits

• Immediate enrollment in 1Password's benefits program (health, dental, 401k, and more).

• Access to our generous paid time off.

• An equity grant.

• Participation in our incentive programs.