Application Security Engineer

Biotechnology is rewriting life as we know it, from the medicines we take, to the crops we grow, the materials we wear, and the household goods that we rely on every day. But moving at the new speed of science requires better technology.

Benchling's mission is to unlock the power of biotechnology. The world's most innovative biotech companies use Benchling's R&D Cloud to power the development of breakthrough products and accelerate time to milestone and market.

Come help us bring modern software to modern science.

ROLE OVERVIEW

As an Application Security Engineer at Benchling you'll be joining a team responsible for building a best-in-class security program from the ground up. Our focus is on providing value to the organization by emphasizing real world security and embracing automation to keep up with the company as we experience hypergrowth. We're looking for engineers who are excited to apply their expertise to our mission of securing some of society's most sensitive data.

YOUR IMPACT

• Partnering with both the Product Design and Software Engineering organization's security and privacy initiatives, leading security design reviews, and threat modeling.
• Performing black-box and grey-box penetration testing of our own and partners' services.
• Performing code reviews of our own and partners' services and apps including SaaS, PaaS, and mobile.
• Researching new attack vectors and techniques relevant to our space and present findings to both internal and external audiences.
• Collaborating with engineers on the best ways to mitigate vulnerabilities and reduce risk.
• Participating in our incident response and vulnerability remediation efforts.
• Integrating external and internal security tools and automation into development and build environments
• Developing lightweight SDLC processes to embed into Product Design and Software Engineering workflows.
• Develop secure coding practices and train engineering teams.
• Interface with customers' security teams when they are scoping and performing security assessments.
• Helping to rapidly scale our team. As a member of the security team, you'll be an integral part of how we mature our own tooling, best practices, engineering processes, and hiring.

ABOUT YOU

• 5-10+ years in a security engineering role with experience in cloud security reviews and ideally threat modeling experience
• Strong communicator with the ability to translate technical security requirements and risks into terms that anyone can understand
• In-depth knowledge of AWS cloud infrastructure, docker and it's associated security suites (e.g., IAM, GuardDuty, Inspector, CloudTrail, CloudWatch, etc.)
• Terraform and/or CloudFormation experience
• Relevant development experience in at least one scripting language, preferably Python
• Experience with vulnerability management and risk assessment processes
• Technical leadership skills; you enjoy being a tech lead, mentoring technologists, evangelizing security and privacy
• Comfortable with complexity in the short term but can build towards simplicity in the long term

#LI-GP1 #LI-Remote

Benchling welcomes everyone.

We believe diversity enriches our team so we hire people with a wide range of identities, backgrounds, and experiences. Even if you don't meet 100% of the qualifications for this job, we strongly encourage you to apply.

We are an equal opportunity employer. That means we don't discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We also consider for employment qualified applicants with arrest and conviction records, consistent with applicable federal, state and local law, including but not limited to the San Francisco Fair Chance Ordinance.

Our leadership principles guide how all Benchlings can lead by example:

• Admit mistakes and shortcomings
• Deliver results
• Disagree and commit
• Obsess over customers
• Rely on work ethic
• Show empathy
• Recruit and develop the best
• Sweat the details
• Think and communicate clearly
• Unite around the mission

For applicants for U.S.-based roles only: All new hires in the United States are required to be fully vaccinated against COVID-19 and to provide proof of vaccination prior to their first day of employment. If you are unable to be vaccinated for medical or religious reasons, we will explore potential reasonable accommodations; however, Benchling may not be able to grant such accommodations in all cases if doing so would cause undue hardship.

If you are a Colorado, Connecticut, or New York City resident: Please contact us by emailing salary-inquiries@benchling.com to receive compensation and benefits information for this role. Please include the job title in the subject line of the email.