1Password

Senior Director, Product Security

1Password

full-time

Posted on:

Origin:  • 🇺🇸 United States

Visit company website
AI Apply
Apply

Salary

💰 $289,000 - $391,000 per year

Job Level

Senior

Tech Stack

Cyber SecurityGoPythonRubyRuby on RailsSDLCShell Scripting

About the role

  • You will set the strategy, build and scale programs, and partner with engineering, product, and security leadership to reduce risk while enabling innovation.
  • Manage a team of highly skilled security professionals, serve as a trusted advisor to the CISO, and act as a thought leader both inside and outside the organization.
  • Define and drive the company-wide Product Security strategy, with a focus on proactive risk reduction and enabling secure AI innovation.
  • Build and scale world-class programs for Application Security, Bug Bounty, Vulnerability Management, Data and Device Security, and Secure SDLC.
  • Establish metrics, reporting, and dashboards to measure program success and risk reduction.
  • Develop and oversee secure coding practices with an emphasis on AI adoption, threat modeling, security reviews, and code analysis practices.
  • Partner with engineering leadership to embed security into the SDLC and CI/CD pipelines, ensuring security is integrated from design to deployment.
  • Oversee vulnerability management and pentesting programs, ensure rapid triage, prioritization, and remediation of vulnerabilities across the environment.
  • Participate in an on-call rotation and support your team through the incident management process.
  • Lead data security program, responsible for our underlying cryptography and cryptographic libraries across product offerings as well as codebase secrets management.
  • Lead device security program, responsible for the development of security libraries and frameworks to support product feature development, security vulnerability remediation and minimization.
  • Represent Product Security in executive and board-level discussions, providing data-driven insights and recommendations.
  • Build and lead a Security Research team focused on identifying emerging threats, new attack vectors, and innovative defensive techniques.

Requirements

  • 9+ years of progressive experience in security, with at least 5+ years leading security teams/programs at scale.
  • Education: Bachelors degree in Computer Science, Information Technology, Computer Engineering, or related fields; or equivalent work experience.
  • Deep expertise in Application Security, Vulnerability Management, Secure SDLC, and Bug Bounty programs.
  • Experience leading Security Research activities and engaging the security research community.
  • Strong track record of embedding security into engineering processes and influencing product development.
  • Proven experience leading security teams in high-growth technology or security-focused companies.
  • Passion for fostering psychological safety and stability in high stress environments.
  • Excellent communication skills with ability to convey complex security issues to technical and non-technical stakeholders, including executives and boards.
  • Thought leader with visibility in the security community (public speaking, open-source contributions, bug bounty engagement, etc.) a strong plus.
  • Experience leading security initiatives that support and/or incorporate AI capabilities.
  • Demonstrated software development experience with Go, Ruby on Rails, shell scripting, python, or other languages.
  • Experience collaborating across departments such as with internal business or engineering units, external incident response teams, and research teams.
  • USA-based roles only: must be legally authorized to work in the US; Canada-based roles only: must be legally authorized to work in Canada.