Back to jobsApply
1Password

Productive businesses use 1Password to secure employees at scale.

Senior Security Researcher

Security EngineerSecurity EngineerFull TimeRemoteTeam 501-1,000Since 2009H1B SponsorCompany SiteLinkedIn

Location

United States

Posted

26 days ago

Salary

$153K - $214K / year

Bachelor Degree4 yrs expEnglishJava ScriptLinuxMac OSPythonRubyRustType ScriptGo

Job Description

• Conduct original, hands-on research into application-level, protocol-level, and ecosystem-level vulnerabilities in 1Password’s products and the broader identity security landscape; You will discover, validate, and document novel vulnerability classes and attack chains. • Collaborate with peers to develop proof-of-concept exploits and attack demonstrations that validate research findings, illustrate real-world risk, and support engineering teams in understanding and prioritizing remediation efforts. • Investigate security risks at the intersection of AI and identity, including prompt injection, data poisoning, and other AI-based attack vectors. • Author high-quality research publications, white papers, blog posts, and technical advisories; You will have the opportunity to present findings on podcasts, webinars, and at major security conferences that contribute to 1Password’s reputation as a thought leader in identity security. • Engage actively with the global security research community through responsible disclosure, collaborative research, open-source contributions, and participation in industry forums/events. • Partner with Product, Engineering, and Detection teams to translate research findings into actionable security improvements. Provide evidence-based technical guidance that informs product direction and security strategy.

Job Requirements

  • 4+ years of progressive experience in security research, offensive security, or vulnerability research.
  • Bachelor’s degree in Computer Science, Computer Engineering, Information Security, or a related field; or equivalent practical experience.
  • Proven track record of discovering and responsibly disclosing original vulnerabilities, ideally with published CVEs, advisories, or equivalent publicly-recognized findings.
  • A track record of hands-on experience in vulnerability research, exploit development, or advanced adversarial simulation techniques.
  • Sufficient domain experience in two or more of the following domains: application security, Linux system internals, Windows system internals, macOS system internals, AI/Agentic security, Web application security, or Mobile application security.
  • Familiarity with prompt injection, data poisoning, AI design architecture, AI-based attacks, and related vectors.
  • Proficiency in one or more programming languages such as Go, Rust, Python, Ruby, JavaScript/TypeScript, or equivalent modern languages, with the ability to read and audit code for vulnerabilities.
  • Consistent history of handling vulnerabilities and disclosures responsibly while engaging constructively with vendors and the research community.
  • Demonstrable written and verbal communication skills, with a track record of producing technical publications, blog posts, and/or conference talks that clearly convey complex security topics.

Benefits

  • health, dental, 401k and many others
  • utilization of our generous paid time off
  • equity grant

Related Categories

Security Engineer

Related Job Pages

Remote Full-time Jobs (US)Remote Python Jobs (US)More US Remote Jobs

More Security Engineer Jobs

Cyber Security Engineer

GE HealthCare
Security Engineer26 days ago
Full TimeRemoteTeam 10,001+Since 1892H1B Sponsor
Company SiteLinkedIn

Cyber Security Engineer safeguarding healthcare technology products at GE HealthCare

AWSAzureCloudCyber SecurityDockerGoogle Cloud PlatformKubernetes
View details: Cyber Security Engineer
Illinois + 1 moreAll locations: Illinois, Massachusetts
$105.6K - $158.4K / year
Apply

Physical Security Delivery Manager

Stream Data Centers

We believe that deploying data center capacity should be a great experience.

Security Engineer26 days ago
Full TimeRemoteTeam 501-1,000Since 1999H1B No Sponsor
Company SiteLinkedIn

Physical Security Delivery Manager overseeing construction and operations security projects

View details: Physical Security Delivery Manager
Arizona + 2 moreAll locations: Arizona, Illinois, Texas
Apply

Senior Cybersecurity – Exploitation Engineer

Reveal Technology

Actionable intelligence at the tactical edge

Security Engineer26 days ago
Full TimeRemoteTeam 11-50H1B No Sponsor
Company SiteLinkedIn

Senior Cybersecurity Engineer developing offensive security capabilities for a tech startup

IoTLinuxPythonTCP/IP
View details: Senior Cybersecurity – Exploitation Engineer
United States
$150K - $210K / year
Apply

Product Security Engineer

Cedar

Cedar is the AI-powered healthcare financial experience platform, built for the rising cost and complexity of healthcare payments. We help millions of people every year understand and resolve their medical bills with clarity and compassion, while helping healthcare organizations operate more efficiently. We’re combining AI, smart design, and empathy to fix one of healthcare’s most urgent crises.

Security Engineer26 days ago
Full TimeRemoteTeam 420Since 2016
Company Site

The Product Security Engineer at Cedar will develop security tools, advise product engineers, and enhance workflows to ensure secure software development while fostering collaboration and communication with teams.

AWSBashGoGraphQLgRPCHTTPPythonTerraform
View details: Product Security Engineer
United States
$157.3K - $185K / year
Apply