Staff Security Engineer, DevSecOps

1Password

Staff Security Engineer leading DevSecOps within Corporate Security team at 1Password. Responsible for securing developer environments and overseeing GitHub security.

Posted 5/3/2026full-timeRemote • California, New York • 🇺🇸 United StatesLead💰 $192,000 - $278,000 per yearWebsite

Tech Stack

Tools & technologies

PythonTerraform

About the role

Key responsibilities & impact

You'll have real ownership and latitude to shape how developer security works at 1Password.
Setting the technical vision, driving the standards and controls that engineering teams rely on, and building a well-run program that scales with the organization.
This role works in close partnership with Infrastructure Security.
Own the DevSecOps function: You'll have the latitude and mandate to build a well-run, properly owned developer security program at 1Password.
Lead the program to harden 1Password's GitHub Enterprise environment and CI/CD pipelines.
Define AI-assisted development security: As 1Password's engineering teams adopt AI coding tools and agentic workflows, you'll own the security model for how that happens.
Drive and work with partner teams on improvements to dependency hygiene, secret management practices, token governance, and secure package consumption across the engineering organization.
Build secure templates, baseline configurations, and developer-friendly guardrails that engineering teams adopt.

Requirements

What you’ll need

Minimum of 8 years of combined experience in security engineering, DevSecOps, platform security, or closely related engineering roles, with deep focus on securing developer environments, CI/CD, or software supply chains.
Deep, hands-on expertise in GitHub Enterprise security and governance, including branch protections, secret scanning, access controls, repository standards, Actions security, and audit logging at scale.
Proven ability to design and implement security controls that integrate into CI/CD pipelines without meaningfully degrading developer velocity.
Solid understanding of software supply chain security within developer environments, including dependency hygiene (npm, pip, and similar), token and secret management, secure package consumption practices, and SBOM generation.
Practical experience solving security challenges introduced by AI-assisted and agentic development.
Comfortable making architectural decisions that span multiple teams.
Strong scripting and automation skills in Python, Bash, Terraform, or similar.
Ability to build alignment with Platform Engineering and other engineering stakeholders.
A track record of elevating the people around you through mentorship, documentation, and deliberately creating growth opportunities for other engineers.
Experience participating in on-call rotations and contributing to investigations involving developer tooling, source control, or credential exposure.

Benefits

Comp & perks

immediate participation in 1Password's benefits program (health, dental, 401k and many others)
utilization of our generous paid time off
an equity grant
participation in our incentive programs

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

DevSecOpssecurity engineeringplatform securityGitHub Enterprise securityCI/CDdependency hygienetoken managementsecret managementscriptingautomation

Soft Skills

leadershipmentorshipcommunicationcollaborationarchitectural decision-makingproblem-solvingalignment buildingdocumentationgrowth opportunity creationinvestigation contribution