Senior Security Engineer, GRC Automation
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Senior Security Engineer designing and implementing GRC automation workflows at 1Password. Partnering with the Senior Manager of GRC to enhance security operations and compliance.
Responsibilities:
- design and implement automation, dashboards, and integrations that power our Governance, Risk, and Compliance (GRC) operations.
- partner directly with the Senior Manager of GRC to build automation that scales our security and privacy commitments — from audit readiness and policy enforcement to customer trust workflows.
- operationalizing and expanding our GRC platform (Drata), building AI-assisted workflows that automate evidence collection, control monitoring, and vendor risk — and owning the delivery of those projects from scoping through go-live.
- be in the room with auditors, owning the technical narrative for what you've built and why.
- lead the implementation and integration of our GRC platform, ensuring it is fully operationalized across key systems and workflows.
- build out automated workflows for control testing, evidence collection, and audit readiness.
- manage project delivery across multiple GRC automation initiatives simultaneously — maintaining clear scope, milestones, and stakeholder visibility without sacrificing quality.
Requirements:
- 5+ years of experience in security engineering, DevSecOps, solutions engineering, or GRC automation roles.
- Proven experience working with GRC, compliance, or audit teams to build automation that supports evidence collection, control testing, or security monitoring.
- Direct experience implementing and integrating GRC platforms (e.g., Drata, Vanta, Tines, JupiterOne) into production environments.
- Strong scripting and integration skills using Python, JavaScript, APIs, webhooks, or workflow automation tools.
- Ability to work cross-functionally with security, compliance, legal, and infrastructure teams to translate policies into scalable technical systems.
- Familiarity with compliance frameworks such as SOC 2, ISO 27001, or NIST 800-53, and how they map to real-world infrastructure and operations.
- Project management and delivery ownership — experience managing multi-workstream compliance or security projects end-to-end: scoping, milestones, stakeholder communication, and on-time delivery. You can run a project without a PM holding your hand.
- Experience building AI-assisted workflows — you've worked with LLMs, agentic tools, or automation pipelines (beyond click-through tools) to solve a GRC or compliance problem and can walk through what you built, why, and how you validated the output.
- Confident in auditor-facing settings — you have a commanding presence in technical walkthroughs and can represent your automation work clearly to external auditors, senior stakeholders, and executive audiences. You know the difference between what you built and what it proves.
Benefits:
- immediate participation in 1Password's benefits program (health, dental, 401k and many others)
- utilization of our generous paid time off
- an equity grant
- participation in our incentive programs
Similar Jobs
Lernbegleiter:in Sicherheit und Objektschutz
Trainer for security and protection at WBS TRAINING focusing on participants' competency development and utilizing various teaching methods. Providing specialist education from home office in WBS LearnSpace 3D.
AWS Cloud Security, ICAM Specialist
AWS Cloud Security and ICAM Specialist designing and managing secure authentication for cloud applications. Ensuring compliance with federal identity governance and cloud security principles.
Staff Security Engineer
Staff Security Engineer at Order.co driving security architecture and mentoring engineers. Overseeing technical improvements and complex security initiatives to protect company data.
Information Security Assessor – QSA Certified
Information Security Assessor leading PCI DSS assessments and client engagements in cybersecurity compliance at RSI Security. Collaborating with stakeholders and ensuring compliance with regulatory frameworks.
External Industry Risk & Security Governance Representative – ISO 17021, 17020, 42006
External Industry Risk & Security Governance Representative serving on the Impartiality Committee for RSI Security. Managing governance oversight and ensuring impartiality in certification processes with extensive industry experience.
Analista Blue Team – IBM QRadar
Analista Blue Team at It4us responsible for monitoring and incident response in corporate environments. Engage in high-criticality cybersecurity operations using IBM QRadar.
Especialista em Cyber Segurança – Resposta a Incidentes
Specialist in Cyber Security coordinating incident response operations at Grupo Casas Bahia. Evaluating and optimizing incident response processes and ensuring alignment with security policies.
Mid-level Information Security Analyst
Analista Pleno de Segurança da Informação focusing on CyberSecurity with Azure cloud security at Atlas. Seeking dynamic professionals for significant impact in security maturity.
Cybersecurity Architect – Senior
Cybersecurity Architect leading security architecture for critical operations in Brazil and Canada. Designing robust security solutions and ensuring compliance across complex environments.
Security Consultant
Security Consultant facilitating the day-to-day running of the Intruder platform, delivering consultancy services to customers and managing security projects.
Security Expert
Cybersecurity Consultant specializing in Microsoft Sentinel, Defender, and Purview technologies at Ontinue. Delivering high-impact projects and expert guidance to clients across various industries.
Microsoft 365 Security Engineer
Microsoft 365 Security Engineer responsible for securing and managing Microsoft 365 environments. Join RKD Group to make a positive impact in nonprofit sectors by enhancing security measures.
Application Security Project Manager
Application Security Project Manager leading enterprise-level App Sec efforts for federal customers. Proven experience in cybersecurity and service delivery required.
EC Payroll Security Resource
Remote position for ECP Security and RBP areas resource. Involves payroll security responsibilities with expected travel to Miami.
Security Process Specialist
Security Process Specialist required to design, optimize, and embed security processes for internal platform programmes. Role requires experience in risk management and compliance frameworks.
Security Risk and Compliance Specialist
Senior Security Risk & Compliance Specialist translating compliance requirements into actionable security controls. Working remotely with travel readiness in Germany for a large platform programme.
Incident Response Engineer
Incident Response Engineer managing security incidents for federal government. Collaborating with teams to enhance cybersecurity capabilities and prevent future incidents.
Manager – Architecture and Information Security
Manager of Architecture and Information Security at Ford’s BlueOval Battery Park in Michigan. Leading technology architecture and security strategies for next-gen manufacturing.
Lernbegleiter – Sicherheit und Objektschutz
WBS TRAINING employee focused on competency development through remote instruction and learning facilitation. Engaging students with effective teaching methods and curriculum material preparation.
Learning Facilitator, Security and Property Protection
WBS TRAINING employee supporting competency development in security education role through home office instruction and learning facilitation methods. Preparing learning materials and conducting assessments to enhance student skills.