CrawlJobs Logo
1Password Logo 1Password · IT - Software Development

Senior Security Researcher

United States; Canada Employment contract 153000.00 - 214000.00 USD / Year · Job Posted May 31, 2026
Apply Position
Job Link Share

Job Description

1Password is growing. We’ve surpassed $400M in ARR and we’re continuing to accelerate, earning a spot on the Forbes Cloud 100 for four years in a row and teaming up with iconic partners like Oracle Red Bull Racing. At 1Password, we’re building the foundation for a safe, productive digital future. Our mission is to unleash employee productivity without compromising security by ensuring every identity is authentic, every application sign-in is secure, and every device is trusted. We innovated the market-leading enterprise password manager and pioneered Unified Access Management, a new cybersecurity category built for the way people and AI agents work today. As one of the most loved brands in cybersecurity, we take a human-centric approach in everything from product strategy to user experience. Over 180,000 businesses, from Fortune 100 leaders to the world’s most innovative AI companies, trust 1Password to help their teams securely adopt the SaaS and AI tools they need to do their best work. If you're excited about the opportunity to contribute to the digital safety of millions, to work alongside a team of curious, driven individuals, and to solve hard problems in a fast-paced, dynamic environment, then we want to hear from you. Come join us and help shape a safer, simpler digital future. We’re building a world-class security research program to advance both the security of 1Password’s products and the broader identity security landscape. We’re looking for a Senior Security Researcher to join this greenfield team as an individual contributor. In this role, you will conduct deep, original vulnerability research across 1Password’s product suite and the wider identity ecosystem. You’ll investigate emerging attack vectors, develop proof-of-concept exploits, publish your findings responsibly, and partner with engineering teams to drive mitigations/remediations. Your work will directly contribute to our product security posture and raise the bar for identity security across the industry. As a member of the Product Security organization, you will partner with engineers, product teams, marketing, and security leaders to protect our customers and contribute to a safer digital future. You will establish partnerships with the global security research community through technical publications, responsible disclosure, and collaborative dialogue with the broader security research community.

Job Responsibility

  • Vulnerability Research: Conduct original, hands-on research into application-level, protocol-level, and ecosystem-level vulnerabilities in 1Password’s products and the broader identity security landscape
  • You will discover, validate, and document novel vulnerability classes and attack chains
  • Demonstrate Exploitability: Collaborate with peers to develop proof-of-concept exploits and attack demonstrations that validate research findings, illustrate real-world risk, and support engineering teams in understanding and prioritizing remediation efforts
  • AI & Agentic Security Research: Investigate security risks at the intersection of AI and identity, including prompt injection, data poisoning, and other AI-based attack vectors
  • Your work will address the emerging challenges of agentic security at the interaction between privileged access management (PAM) and AI systems
  • Technical Publications & Thought Leadership: Author high-quality research publications, white papers, blog posts, and technical advisories
  • You will have the opportunity to present findings on podcasts, webinars, and at major security conferences that contribute to 1Password’s reputation as a thought leader in identity security
  • Community Engagement: Engage actively with the global security research community through responsible disclosure, collaborative research, open-source contributions, and participation in industry forums/events
  • Cross-functional Collaboration: Partner with Product, Engineering, and Detection teams to translate research findings into actionable security improvements. Provide evidence-based technical guidance that informs product direction and security strategy

Requirements

  • 4+ years of progressive experience in security research, offensive security, or vulnerability research
  • Education: Bachelor’s degree in Computer Science, Computer Engineering, Information Security, or a related field
  • or equivalent practical experience
  • Security research experience: Proven track record of discovering and responsibly disclosing original vulnerabilities, ideally with published CVEs, advisories, or equivalent publicly-recognized findings
  • Offensive security experience: A track record of hands-on experience in vulnerability research, exploit development, or advanced adversarial simulation techniques
  • Sufficient domain experience in two or more of the following domains: application security, Linux system internals, Windows system internals, macOS system internals, AI/Agentic security, Web application security, or Mobile application security
  • AI security experience: Familiarity with prompt injection, data poisoning, AI design architecture, AI-based attacks, and related vectors
  • Software engineering proficiency: Proficiency in one or more programming languages such as Go, Rust, Python, Ruby, JavaScript/TypeScript, or equivalent modern languages, with the ability to read and audit code for vulnerabilities
  • Integrity and ethical rigor: Consistent history of handling vulnerabilities and disclosures responsibly while engaging constructively with vendors and the research community
  • Demonstrable written and verbal communication skills, with a track record of producing technical publications, blog posts, and/or conference talks that clearly convey complex security topics

What we offer

  • Maternity and parental leave top-up programs
  • Competitive health benefits
  • Generous PTO policy
  • RSU program for most employees
  • Retirement matching program
  • Free 1Password account
  • Paid volunteer days
  • Peer-to-peer recognition through Bonusly
  • Remote-first work environment
1Password - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Senior Security Researcher

8 matching positions

Senior Security Researcher

Security is one of the most critical priorities for our customers in a world of ...
Location
Location
United States , Redmond
Salary
Salary:
119800.00 - 234700.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field
  • OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Must pass Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter
Job Responsibility
Job Responsibility
  • Design and execute adversary simulations that emulate real-world threat actors across endpoint, identity, cloud, and SaaS environments
  • Develop and modify offensive tooling, including custom payloads, loaders, and command-and-control (C2) frameworks
  • Conduct malware development and tradecraft research to replicate modern attacker techniques such as evasion, persistence, and lateral movement
  • Leverage threat intelligence to inform adversary emulation scenarios, including campaign design, TTP selection, and operational sequencing
  • Apply threat modeling frameworks such as MITRE ATT&CK to emulate realistic attack paths and identify defensive gaps
  • Utilize AI-enabled and agentic systems to generate attack variations, automate tradecraft execution, and scale simulation coverage
  • Partner with blue team and detection engineering teams to validate detections and improve defensive capabilities
  • Analyze telemetry generated from simulations to assess detection coverage and identify opportunities for improvement
  • Contribute to simulation reports, technical documentation, and internal knowledge sharing
  • Collaborate across teams to improve offensive tooling, methodologies, and research practices
  • Fulltime
Read More
Arrow Right

Senior Security Researcher

Security is one of the most critical priorities for our customers in a world of ...
Location
Location
United States , Redmond
Salary
Salary:
119800.00 - 234700.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field
  • OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Microsoft Cloud Background Check
Job Responsibility
Job Responsibility
  • Design and execute adversary simulations that emulate real-world threat actors across endpoint, identity, cloud, and SaaS environments
  • Develop and modify offensive tooling, including custom payloads, loaders, and command-and-control (C2) frameworks
  • Conduct malware development and tradecraft research to replicate modern attacker techniques such as evasion, persistence, and lateral movement
  • Leverage threat intelligence to inform adversary emulation scenarios, including campaign design, TTP selection, and operational sequencing
  • Apply threat modeling frameworks such as MITRE ATT&CK to emulate realistic attack paths and identify defensive gaps
  • Utilize AI-enabled and agentic systems to generate attack variations, automate tradecraft execution, and scale simulation coverage
  • Partner with blue team and detection engineering teams to validate detections and improve defensive capabilities
  • Analyze telemetry generated from simulations to assess detection coverage and identify opportunities for improvement
  • Contribute to simulation reports, technical documentation, and internal knowledge sharing
  • Collaborate across teams to improve offensive tooling, methodologies, and research practices
  • Fulltime
Read More
Arrow Right

Senior Security Researcher

Security remains a critical priority for our customers as they navigate growing ...
Location
Location
United States , Redmond
Salary
Salary:
119800.00 - 258000.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter
  • This position requires verification of U.S. citizenship due to citizenship‑based legal restrictions
Job Responsibility
Job Responsibility
  • Explore and correlate large data sets to uncover novel and sophisticated attack techniques, monitor and catalog changes in activity group tradecraft, and generate custom alerts for enterprise customers
  • Work with customer support teams to support investigation and response during an enterprise's time of need
  • Collaborate with our data science and threat research teams to develop and maintain accurate and durable cloud-based detections
  • Build hunting tools and automations for use in the discovery of human adversaries
What we offer
What we offer
  • Benefits and other compensation
  • Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay
  • Fulltime
Read More
Arrow Right

Senior Security Researcher

We are Cloud Threat protection Research team within Microsoft Threat Protection,...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in cybersecurity, with strong hands-on understanding of the modern attacker kill chain, MITRE ATT&CK framework, and evolving cloud-based threats, including attacks targeting Enterprise Apps, and emerging AI-driven applications
  • Proven experience securing cloud and containerized environments, with hands‑on knowledge of Azure, AWS, and/or GCP, and technologies such as Kubernetes, container platforms, Storage, Key Vault, DNS and cloud services
  • Deep knowledge of adversary tooling, red team frameworks, and attacker techniques, with the ability to analyze, simulate, and interpret real-world attacker behaviors across cloud ecosystems
  • Proficiency in at least one programming language (e.g., Python, C, or C++) for building research prototypes, internal tools, automation, or detection logic
  • Strong proficiency in query languages such as KQL, SQL, or Cypher for large-scale telemetry analysis, threat hunting, behavioral investigations, and detection validation
  • Experience working with large-scale datasets to support detection development, proactive threat hunting, behavioral analytics, and signal quality improvement
  • Strong collaboration and communication skills, with the ability to clearly articulate research insights, influence product and engineering decisions, and work effectively with partner teams, including Engineering, Data Science, and incident response stakeholders
  • Bachelor’s or Master’s degree in Computer Science, Engineering, or a related technical discipline, or equivalent practical experience in security research or threat detection
Job Responsibility
Job Responsibility
  • Research real‑world hybrid threats across cloud services, end point, identity and AI systems
  • Analyze live attacker behavior and production incidents to build high‑signal detections
  • Design multi‑cloud and enterprise protections that ship in Microsoft Defender
  • Collaborate closely with product, engineering, and global research teams to turn ideas into impact
  • Partner with strong in‑house AI teams to advance AI security, detection quality, and explainability
  • Build innovative tools, automation, and research prototypes at global scale
  • Operate in a high‑trust, ownership‑driven team culture that values technical depth and innovation
  • Fulltime
Read More
Arrow Right

Senior Security Researcher

The Defender Experts (DEX) Research team is at the forefront of Microsoft’s thre...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of experience in security research, detection engineering, threat lifecycle, cloud security in large-scale in complex cloud environments, as well as disciplines related to managed services for EDR and SIEM platforms
  • Proven ability to lead and execute advanced research on emerging cloud-based threats affecting both Microsoft and third-party security products across heterogeneous cloud environments
  • Demonstrated expertise in developing and refining detection and response strategies leveraging major EDR and SIEM platforms, with a strong emphasis on Microsoft Defender and Sentinel, to provide comprehensive threat coverage and response capabilities
  • Extensive hands-on experience with cloud platforms—including, but not limited to, Azure—as well as a deep understanding of multi-cloud security challenges and solutions
  • Strong practical experience identifying, analyzing, and mitigating real-world cyber threats in complex cloud environments
  • Proven ability to work independently and deliver complete solutions
  • Demonstrated capability to effectively articulate technical insights and influence multidisciplinary teams
Job Responsibility
Job Responsibility
  • Lead and execute advanced research on emerging endpoint, identity and cloud-based threats impacting Microsoft and third-party security products across heterogeneous cloud environments
  • Develop and refine detection and response strategies leveraging major EDR and SIEM platforms, with a strong emphasis on Microsoft Defender and Sentinel, to provide comprehensive threat coverage and response capabilities
  • Collaborate with internal and external security teams to design and implement scalable, innovative solutions for multi-cloud threat intelligence, detection, mitigation and response
  • Translate complex raw security data into actionable intelligence that enhances the effectiveness of cloud security operations for a global customer base
  • Mentor, guide, and drive best practices among researchers and detection engineers on advanced threat hunting and incident response across diverse SIEM ecosystems
  • Contribute to industry knowledge and Microsoft’s security posture by publishing research, developing threat models, and proactively identifying threats and attack trends in the cloud
  • Fulltime
Read More
Arrow Right

Senior Security Researcher

We are looking for a Security Researcher who thrives on both sides of the fence....
Location
Location
Israel , Tel Aviv
Salary
Salary:
Not provided
island.io Logo
Island
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in at least one of the following: security research, vulnerability research, malware analysis, threat intelligence, or detection engineering
  • Offensive security mindset with the ability to flip to the defensive side — finding attacks and building mitigations
  • Strong analytical skills — comfortable digging into unfamiliar code, protocols, or systems and figuring out how they break
  • Familiarity with operating system internals (Windows and/or macOS)
  • Hands-on experience with reverse engineering or dynamic/static analysis tools
  • Ability to write code for automation, tooling, and proof-of-concepts
  • Strong written and verbal communication — ability to write compelling research and present at conferences
Job Responsibility
Job Responsibility
  • Offensive Research: Discover new attack vectors, abuse patterns, and security gaps in browsers, web applications, OS internals, and enterprise workflows
  • Defensive Engineering: Design and implement detections, mitigations, and security policies informed by your offensive findings
  • close the loop from attack to protection
  • Vulnerability & Malware Analysis: Perform reverse engineering on malware, exploits, and obfuscated code across Windows, macOS, and browser environments
  • Web & Browser Security: Research techniques ranging from classic vulnerabilities (XSS, SSRF) to browser-specific primitives (extension abuse, DOM manipulation, same-origin bypasses)
  • Supply-Chain Security: Investigate threats in software supply chains, including browser extension marketplaces and package registries
  • Threat Intelligence: Correlate signals across multiple sources to identify malicious infrastructure and adversary TTPs
  • Public Impact: Write technical blog posts, publish research, and represent Island at major security conferences (Black Hat, DEF CON, etc.)
Read More
Arrow Right

Senior Security Researcher

Security represents the most critical priorities for our customers in a world aw...
Location
Location
United States , Tulsa
Salary
Salary:
119800.00 - 234700.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, Computer Security, or related field
  • OR Master's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Computer Security, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat analysis or modeling, cybersecurity, vulnerability research, and/or anomaly detection
  • OR equivalent experience
  • Candidates must be able to meet Microsoft, customer and/or government security screening requirements
  • Must pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter
Job Responsibility
Job Responsibility
  • Design and lead technical experiments exploring the intersection of AI, cybersecurity, and emerging technologies, translating research concepts into working prototypes and demonstrations
  • Build and operate lab environments, datasets, and model pipelines to test security scenarios involving AI systems, threat intelligence, and autonomous platforms
  • Conduct security research and adversarial analysis on modern AI and software systems, identifying risks, vulnerabilities, and defensive strategies
  • Collaborate with Microsoft engineering teams, startups, universities, and ecosystem partners to evaluate new technologies and accelerate applied research outcomes
  • Develop technical demonstrations, proof-of-concepts, and applied research outputs that showcase innovations emerging from the Cyber + AI Lab
  • Contribute to technical insights, reports, and presentations that translate lab research into actionable intelligence for Microsoft teams, partners, and the broader security community
  • Fulltime
Read More
Arrow Right

Senior Security Researcher

Security represents the most critical priorities for our customers in a world aw...
Location
Location
United States , Redmond
Salary
Salary:
100600.00 - 199000.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Statistics, Mathematics, Computer Science or related field
  • OR 3+ years experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection
  • 3+ years in reverse engineering (debuggers, disassemblers, file formats)
  • 3+ years experience with attacker kill chain analysis (MITRE ATT&CK and enterprise threat modeling)
  • 3+ years of experience in scripting and automation (Python, PowerShell, or Bash) and proficiency in at least one compiled language (e.g. C, C++, C#, Go, Rust)
  • Working experience with cloud environments, OS internals, and hybrid attacks
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter
Job Responsibility
Job Responsibility
  • Research emerging attack vectors and techniques
  • Analyze detection and prevention gaps and understand root cause
  • Design and develop detection, prevention and disruption solutions to thwart advanced attacks
  • Synthesize in-field telemetry to judge the state of threat coverage and share insights
  • Identify trends, foresee landscape direction and propose enhancements to meet the needs
  • Collaborate across teams to address systemic security issues
  • Guide design of AI based solutions to tackle hard security problems
  • Fulltime
Read More
Arrow Right