Staff Security Engineer, DevSecOps (Corporate Security)
1Password | Cybersecurity
Remote (United States | Canada) | Full-Time | Staff
Salary: 192,000 - 278,000 USD per year
Job Details
- Experience: Minimum of 8 years of combined experience in security engineering, DevSecOps, platform security, or closely related engineering roles
- Required Skills: Python, Bash, CI/CD, Terraform, GitHub Actions
Requirements
- Minimum of 8 years of combined experience in security engineering, DevSecOps, platform security, or closely related engineering roles, with deep focus on securing developer environments, CI/CD, or software supply chains.
- Deep, hands-on expertise in GitHub Enterprise security and governance (branch protections, secret scanning, access controls, repository standards, Actions security, audit logging).
- Proven ability to design and implement security controls that integrate into CI/CD pipelines without degrading developer velocity.
- Experience with GitHub Actions and familiarity with pipeline security scaling.
- Solid understanding of software supply chain security (dependency hygiene, token/secret management, secure package consumption, SBOM generation).
- Practical experience solving security challenges introduced by AI-assisted and agentic development, including governing AI coding tools and defining policy/technical controls for tools like Copilot, Cursor, or Claude Code.
- Comfortable making architectural decisions that span multiple teams, setting standards and patterns.
- Strong scripting and automation skills in Python, Bash, Terraform, or similar, for building scalable tooling.
- Ability to build alignment with Platform Engineering, translate security requirements, and influence engineering-wide standards.
- Track record of elevating others through mentorship, documentation, and growth opportunities.
- Experience participating in on-call rotations and investigations involving developer tooling, source control, or credential exposure.
Responsibilities
- Own the DevSecOps function: Build a well-run, properly owned developer security program at 1Password, setting technical direction and operating model.
- Own GitHub and CI/CD security: Lead hardening of 1Password's GitHub Enterprise environment and CI/CD pipelines.
- Define AI-assisted development security: Own the security model for AI coding tools and agentic workflows.
- Harden the software supply chain: Drive improvements in dependency hygiene, secret management, token governance, and secure package consumption.
- Set standards engineering teams actually use: Build secure templates, baseline configurations, and developer-friendly guardrails.
- Partner with Platform Engineering: Work closely to embed security in developer tooling and platform infrastructure.
- Elevate the team and the org: Mentor engineers, distribute ownership, and contribute to the hiring process.
- Support Corporate Security operations: Participate in on-call rotation and investigations.