Senior Security Engineer, Incident Response

1Password is a rapidly growing company focused on building a secure digital future. The Senior Security Engineer on the Incident Response team will lead complex security investigations and develop systems and automation to enhance incident response capabilities.

Responsibilities:

• Lead and execute security incidents end-to-end, from initial signal through containment, recovery, and post-incident review
• Assess severity, declare incidents, and drive structured coordination and decision-making during active response
• Perform hands-on investigations and threat hunting to determine root cause, attacker behavior, scope, and impact
• Design and build automation to reduce triage, investigation, and response time
• Develop scalable systems and workflows that improve incident response and incident management
• Identify recurring pain points and detection/response gaps, and implement durable engineering solutions
• Improve incident response playbooks, case management, and orchestration tooling
• Apply AI-assisted tooling to enhance triage, enrichment, and investigative workflows while maintaining accuracy

Requirements:

• 5+ years of experience in security incident response roles, with 3+ years focused on security engineering and automation
• Proven experience leading complex security incidents in cloud-native or SaaS environments
• Experience building automation or internal tooling to improve security operations
• Proficiency in scripting or programming (e.g., Python, Go, Bash) and working with APIs or orchestration platforms
• Familiarity with applying AI/ML-assisted workflows to operational security use cases
• Strong understanding of modern attacker techniques and incident response methodologies
• Strong written and verbal communication skills, including executive-facing summaries