Staff Security Researcher

Staff Security Researcher 1Password is growing faster than ever. We’ve surpassed $400M in ARR and we’re continuing to accelerate, earning a spot on the Forbes Cloud 100 for four years in a row and teaming up with iconic partners like Oracle Red Bull Racing and the Utah Mammoth. About 1Password At 1Password, we’re building the foundation for a safe, productive digital future. Our mission is to unleash employee productivity without compromising security by ensuring every identity is authentic, every application sign-in is secure, and every device is trusted. We innovated the market-leading enterprise password manager and pioneered Extended Access Management, a new cybersecurity category built for the way people and AI agents work today. As one of the most loved brands in cybersecurity, we take a human-centric approach in everything from product strategy to user experience. Over 180,000 businesses, from Fortune 100 leaders to the world’s most innovative AI companies, trust 1Password to help their teams securely adopt the SaaS and AI tools they need to do their best work. If you're excited about the opportunity to contribute to the digital safety of millions, to work alongside a team of curious, driven individuals, and to solve hard problems in a fast-paced, dynamic environment, then we want to hear from you. Come join us and help shape a safer, simpler digital future. Role Overview We’re building a world-class security research program to advance both the security of 1Password’s products and the broader identity security landscape. We’re looking for a Staff Security Researcher to join this greenfield team as a senior individual contributor. In this role, you will conduct deep, original vulnerability research across 1Password’s product suite and the wider identity ecosystem. You’ll investigate emerging attack vectors, develop proof-of-concept exploits, publish your findings responsibly, and partner with engineering teams to drive mitigation/remediation strategies. Your work will directly shape our product security posture and raise the bar for identity security across the industry. As a member of the Product Security organization, you will partner with engineers, product teams, marketing, and security leaders to protect our customers and contribute to a safer digital future. You will establish deep partnerships with the global security research community through technical publications, responsible disclosure, and collaborative dialogue with the broader security community. This is a Remote opportunity within Canada and the US. KEY RESPONSIBILITIES - Vulnerability Research: Conduct original, hands-on research into application-level, protocol-level, and ecosystem-level vulnerabilities in 1Password’s products and the broader identity security landscape; You will discover, validate, and document novel vulnerability classes and attack chains. - Demonstrate Exploitability: Develop proof-of-concept exploits and attack demonstrations that validate research findings, illustrate real-world risk, and support engineering teams in understanding and prioritizing remediation efforts. - AI & Agentic Security Research: Investigate security risks at the intersection of AI and identity, including prompt injection, data poisoning, and other AI-based attack vectors; Your work will address the emerging challenges of agentic security at the interaction between privileged access management (PAM) and AI systems. - Technical Publications & Thought Leadership: Author high-quality research publications, white papers, blog posts, and technical advisories; You will have the opportunity to present findings on podcasts, webinars, and at major security conferences that contribute to 1Password’s reputation as a thought leader in identity security. - Standards Engagement: Contribute to standards bodies such as NIST, FIDO, and MCP. Your work will advance 1Password’s involvement in shaping identity and security standards that benefit the broader ecosyst ... (truncated, view full listing at source)