Enterprise Security Engineer
Over the coming years, biotech will fundamentally rewrite the way we live. Gene editing and cell therapy are dramatically changing how we treat cancer and other major illnesses. Biofuels and biomaterials are transforming the cars we drive, the clothes we wear, and the makeup of everyday objects. Crop science and synthetic biology are producing sustainable and ethical food. Benchling’s mission is to accelerate the research that propels us towards this reality, and magnify its impact, through modern software.
Every day, scientists around the world use Benchling’s applications, platform, & analytics in their efforts to solve humanity’s most pressing problems. For these scientists, Benchling is the central technology they use to conduct their research. Our customers include pharmaceutical giants, leading biotechs, and the world’s most renowned research institutes.
ROLE OVERVIEW
As a security engineer within Enterprise Security you will partner closely with technology and business leaders to understand their objectives, identify threats, and scale our enterprise security programs. You’ll be joining a team responsible for building a best-in-class security program from the ground up. Our focus is on providing value to the organization by emphasizing real world security and embracing automation to keep up with the company as we experience hypergrowth. We’re looking for engineers who are excited to apply their expertise to our mission of securing some of society's most sensitive data.
YOU MIGHT WORK ON
- Partnering with our business partners on security and privacy initiatives, leading security design reviews, and threat modeling.
- Performing black-box and grey-box penetration testing of partners’ services.
- Collaborating with other Security and Engineering teams to improve visibility of cloud resources.
- Researching new attack vectors and techniques relevant to our space and present findings to both internal and external audiences.
- Researching known vulnerabilities and collaborating with engineers on the best ways to mitigate and reduce risk.
- Improve the corporate and IT secure software development lifecycle (SDLC), delivering security guidance to engineers in language they understand, mentoring security champions, and contributing to security training materials
- Developing lightweight SDLC processes to embed into IT Engineering workflows.
- Participating in our incident response and vulnerability remediation efforts.
- Evaluating external tooling, developing new automation and tooling.
- Performing security assessments (people, process, technology, and integration) of enterprise applications, infrastructure, controls, and third party products/services. This will include threat models, risk analysis, vulnerability assessments, design reviews, configuration reviews and penetration tests of systems and technologies.
- Helping to rapidly scale our team. As a member of the security team, you'll be an integral part of how we mature our own tooling, best practices, engineering processes, and hiring.
ABOUT YOU
- 3-5+ years in a security engineering role with experience in security reviews (Cloud, SaaS/PaaS, Infrastructure) and ideally threat modeling experience.
- Strong communicator with the ability to translate technical security requirements and risks into terms that anyone can understand
- In-depth knowledge of AWS cloud infrastructure, docker and it’s associated security suites (e.g., IAM, GuardDuty, Inspector, CloudTrail, CloudWatch, etc.)
- In-depth experience with SaaS / PaaS Security and Infrastructure Security (networks, SDWANs, client-server models).
- Relevant development experience in at least one scripting language, preferably Python
- Experience with vulnerability management and risk assessment processes
- Technical leadership skills; you enjoy being a tech lead, mentoring technologists, evangelizing security and privacy
- Comfortable with complexity in the short term but can build towards simplicity in the long term
Benchling welcomes everyone. We believe every member of our team enriches our diversity and inclusion by broadening our ways of problem-solving for future challenges. Even if you don't meet 100% of the qualifications for this job, we strongly encourage you to apply.
LEADERSHIP PRINCIPLES
- Admit mistakes and shortcomings
- Deliver results
- Disagree and commit
- Obsess over customers
- Rely on work ethic
- Show empathy
- Recruit and develop the best
- Sweat the details
- Think and communicate clearly
- Unite around the mission
PERKS AND BENEFITS
- Work with a talented yet humble team
- Competitive compensation & equity package
- Weekly virtual social events, and annual company retreats
- 401k, Medical, dental, and vision insurance (US Employees Only)
- Monthly health & wellness stipend
- Yearly educational stipend
- Flexible & Generous Vacation Policy: If you feel you need a break, you can talk directly with your manager to find coverage and support while you are out of the office. Need time off to vote? We've got you covered.
- Quarterly company-wide mental health days off
- Holiday Shut-down: company-wide holiday shut-down between Christmas Eve and New Years
- Major US and EMEA holidays observed
- To support remote work conditions during the COVID-19 pandemic, Benchling provides each employee a one-time stipend of $1,000(USD) upon commencing employment, and additional discounted employee purchase plans for home-office equipment.
In following best practices and safety protocols, all Benchling employees are expected to work remotely until we are further advised that it is safe for employees to resume work in their respective office locations.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We also consider for employment qualified applicants with arrest and conviction records, consistent with applicable federal, state and local law, including but not limited to the San Francisco Fair Chance Ordinance.