1Password is a rapidly growing company focused on building a secure digital future. The Security Engineer on the Corporate Security team will implement and improve identity and access management solutions, collaborating with IT Engineering to enhance authentication and access controls.
Responsibilities:
- Contribute to the implementation and improvement of identity and access management solutions across 1Password
- Work closely with IT Engineering and other members of the Corporate Security team to support authentication, access controls, identity lifecycle management, and secure access to internal and SaaS systems
- Focus on securing and improving our identity ecosystem
- Work primarily with our identity provider (such as Okta, Google Workspace, and Azure AD), as well as with IT Engineering’s Identity squad to strengthen authentication, access provisioning, and access control
- Help dogfood and improve our identity-related products, including Trelica, 1Password, and Kolide
- Drive tasks and small projects to completion, and collaborate effectively with partner teams
- Assist in developing and maintaining configuration standards and governance for identity platforms, including detection and remediation of configuration drift
- Leverage scripting, automation, and configuration as code to make identity management more scalable, repeatable, and auditable
- Partner with other Corporate Security squads (SaaS and Endpoint Security) to address overlapping responsibilities and ensure identity controls are effectively integrated into broader security initiatives
- Support identity-related projects from planning through execution - coordinating with IT Engineering and application owners, ensuring deliverables meet security and business requirements
- Participate in security audits, tabletop exercises, and identity-related incident response activities
Requirements:
- 3–5 years of combined experience in IT or security, with a focus on corporate or enterprise identity management
- Hands-on experience administering and securing identity providers such as Okta, Google Workspace, or Azure AD, including SSO, federation, MFA, and SCIM provisioning and access policies
- Strong understanding of identity security fundamentals, including RBAC, access governance, lifecycle management, and how identity underpins secure SaaS adoption
- Experience working in a remote-first environment where identity and device posture form the basis of access control
- Hands-on experience configuring or supporting conditional access policies, leveraging device posture signals (via tools such as Kandji, Jamf, CrowdStrike, or SentinelOne), and working with ZTNA or modern VPN solutions (e.g., Tailscale, Twingate, Palo Alto Prisma Access, Zscaler)
- Experience using scripting or automation (e.g., Python, Bash, Terraform) to support identity operations, configuration as code (CaC), or workflow automation
- Strong collaboration and communication skills, with the ability to work effectively within the Identity squad, across IT Engineering, and with partner teams such as Procurement and GRC
- A growth mindset, ownership mentality, and a commitment to developing skills while contributing to the maturity of the Corporate Security team
- Experience using SOAR platforms (Tines, Torq, Splunk) is a plus
- Experience being 'customer zero' - dogfooding security or identity products internally, and providing feedback to improve both internal use and customer-facing value