​1Password, a leader in Extended Access Management and password security, is hiring a Senior Engineer to join their Application Security team. This role is highly strategic, moving beyond standard code reviews to focus on building and scaling a world-class Vulnerability Management Program. You will be responsible for the tools and processes that ensure 1Password’s products—used by over 180,000 businesses—remain secure.

• ​Salary Range (USA): $156,000 – $210,000 USD + Benefits & RSUs.
• ​Location: Remote (United States or Canada).
• ​Core Focus: Vulnerability Management, Tooling, and Security Engineering.
• ​Key Languages: Rust, Golang (Bonus).

​Key Responsibilities: Engineering the Vulnerability Lifecycle

​At 1Password, the Application Security team handles the “Security Engineering around Product Development.” This role specifically centers on the Vulnerability Management Lifecycle.

​1. Security Solution Engineering

​You will design and build the backend infrastructure that powers 1Password’s vulnerability program. This includes creating custom tools to correlate and enrich data from various sources (SAST, DAST, Bug Bounty, and Pentests) to create a “single source of truth” for security findings.

​2. Metrics and Auditing

​You will develop dashboards that translate raw security data into actionable insights. These metrics aren’t just for engineers; you will tailor reporting for compliance teams (SOC2, ISO) and senior leadership to demonstrate the efficacy of the security program.

​3. Collaborative Triage & Analysis

​You will partner directly with product teams to solve complex security problems. Instead of just “tossing a bug over the fence,” you will analyze classes of vulnerabilities to find root causes and work on remediation strategies that maintain a high-quality user experience.

​What 1Password is Looking For

• ​Experience: 5+ years in IT/Engineering with a dedicated security focus.
• ​AppSec Expertise: Deep knowledge of Bug Bounty programs, vulnerability research, and remediation.
• ​Code Proficiency: You are a developer at heart. You can read/write code (ideally Rust or Go) and understand how to integrate security into the SDLC.
• ​Project Ownership: Comfortable setting the technical direction for initiatives and mentoring other engineers.
• ​Soft Skills: Ability to communicate technical risks to non-technical stakeholders clearly and empathetically.

​Why This Role Matters

​1Password isn’t just a utility; it’s a critical piece of security infrastructure for some of the world’s most innovative companies. In this role, your work on Vulnerability Management directly impacts the digital safety of millions. By building automated, risk-aware systems, you enable 1Password to innovate quickly while maintaining the absolute trust of their customers.