Job Description
What to expect:
- Design, build, and continuously improve threat detections across 1Password’s infrastructure, products, internal tools, and corporate environments.
- Lead and support security incident response activities, including investigation, containment, remediation, and post-incident learning.
- Apply threat intelligence and knowledge of attacker TTPs to detection development, threat hunting, alert triage, and response prioritization.
Who you are:
- Calm and effective under pressure, with a blameless, data-informed approach to incident response.
- Operationally minded, with strong judgment and a bias toward action and continuous improvement.
- Comfortable working across both detection engineering and incident response responsibilities.
What we're looking for:
- Hands-on experience with detection engineering and automation, including SIEMs, SOAR platforms, behavior analytics, and Detection-as-Code workflows.
- Strong understanding of modern attacker techniques and how they apply to cloud-native, SaaS, and identity-centric environments.
- Proficiency with scripting and infrastructure tools (e.g., Python, Bash, Terraform, CI/CD pipelines) to support automation and internal tooling.
About 1Password
1Password is building the foundation for a safe, productive digital future. They innovated the market-leading enterprise password manager and pioneered Extended Access Management, a new cybersecurity category built for the way people and AI agents work today. Over 180,000 businesses trust 1Password to help their teams securely adopt the SaaS and AI tools they need to do their best work.