[Remote] Senior Security Engineer, GRC Automation
Note: The job is a remote job and is open to candidates in the USA.

1Password is a leading cybersecurity company focused on building a safe and productive digital future. They are seeking a Senior Security Engineer, GRC Automation to design and implement automation for Governance, Risk, and Compliance operations, enhancing security and privacy commitments through innovative solutions.

Responsibilities
- Lead the implementation and integration of our GRC platform, ensuring it is fully operationalized across key systems and workflows
- Build out automated workflows for control testing, evidence collection, and audit readiness
- Design and deploy AI-assisted compliance workflows (including agentic evidence collection, LLM-powered vendor questionnaire review, and automated control narrative drafting) with clear validation logic built in
- Develop and maintain integrations between the GRC platform and systems of record (e.g., ticketing systems, IAM, asset inventories, configuration management)
- Manage project delivery across multiple GRC automation initiatives simultaneously, maintaining clear scope, milestones, and stakeholder visibility without sacrificing quality
- Design dashboards and reporting to track control health, trust signals, and audit performance
- Collaborate with teams across Security, GRC, and Engineering to embed compliance into operational processes like employee onboarding, change management, and incident response
- Own the roadmap for automated, resilient internal assurance infrastructure: setting priorities, managing delivery across concurrent workstreams, communicating progress to GRC leadership, and making build vs. buy decisions that scale with the business

Skills
- 5+ years of experience in security engineering, DevSecOps, solutions engineering, or GRC automation roles
- Proven experience working with GRC, compliance, or audit teams to build automation that supports evidence collection, control testing, or security monitoring
- Direct experience implementing and integrating GRC platforms (e.g., Drata, Vanta, Tines, JupiterOne) into production environments
- Strong scripting and integration skills using Python, JavaScript, APIs, webhooks, or workflow automation tools
- Ability to work cross-functionally with security, compliance, legal, and infrastructure teams to translate policies into scalable technical systems
- Familiarity with compliance frameworks such as SOC 2, ISO 27001, or NIST 800-53, and how they map to real-world infrastructure and operations
- Project management and delivery ownership: experience managing multi-workstream compliance or security projects end-to-end, including scoping, milestones, stakeholder communication, and on-time delivery. You can run a project without a PM holding your hand
- Experience building AI-assisted workflows: you've worked with LLMs, agentic tools, or automation pipelines (beyond click-through tools) to solve a GRC or compliance problem and can walk through what you built, why, and how you validated the output
- Confident in auditor-facing settings: you have a commanding presence in technical walkthroughs and can represent your automation work clearly to external auditors, senior stakeholders, and executive audiences. You know the difference between what you built and what it proves
- Hands-on experience with event-driven automation platforms like Tines and their use in control validation and alerting
- Expertise in building evidence pipelines, tagging telemetry, or creating GRC dashboards in tools like Looker or Metabase
- Strong understanding of cloud-native security architecture and its relationship to compliance controls (e.g., AWS IAM, encryption, logging)
- Experience working in customer trust, privacy engineering, or supporting sales/GTM teams with compliance assurance content
- Familiarity with EU AI Act, NIST AI RMF, or emerging AI governance frameworks, increasingly relevant as 1Password governs access for AI agents alongside human users
- CISA, CISSP, or equivalent certification, or actively working toward one

Benefits
- Immediate participation in 1Password's benefits program (health, dental, 401k and many others)
- Immediate participation in 1Password's generous benefits program (health, dental, RRSP and many others)
- Utilization of our generous paid time off
- An equity grant
- Where applicable, participation in our incentive programs
- Maternity and parental leave top-up programs
- Competitive health benefits
- Generous PTO policy
- RSU program for most employees
- Retirement matching program
- Free 1Password account
- Paid volunteer days
- Peer-to-peer recognition through Bonusly
- Remote-first work environment

Company Overview
1Password operates as a password manager for documents, credit card information, and addresses. It was founded in 2005, and is headquartered in Toronto, Ontario, CAN, with a workforce of 1001-5000 employees. Its website is https://1password.com.