Application Security Engineer at Benchling

Biotechnology is rewriting life as we know it, from the medicines we take, to the crops we grow, the materials we wear, and the household goods that we rely on every day. But moving at the new speed of science requires better technology.

Benchling’s mission is to unlock the power of biotechnology. The world’s most innovative biotech companies use Benchling’s R&D Cloud to power the development of breakthrough products and accelerate time to milestone and market.

Come help us bring modern software to modern science.

ROLE OVERVIEW

As an Application Security Engineer at Benchling you’ll be joining a team responsible for maintaining a best-in-class security program. Our focus is on providing value to the organization by emphasizing real world security and embracing automation. We’re looking for engineers who are excited to apply their expertise to our mission of securing some of society's most sensitive data.

RESPONSIBILITIES

Building and integrating external and internal security tools and automation into development and build environments.
Developing lightweight processes to embed security in the SDLC workflow.
Collaborating with engineers on the best ways to mitigate vulnerabilities and reduce risk.
Performing code reviews of our services and apps.
Partnering with both the Product Design and Software Engineering organization's security and privacy initiatives, leading security design reviews, and threat modeling.
Participating in our incident response and vulnerability remediation efforts.
Developing secure coding and design practices and training engineering teams.
Performing black-box and gray-box penetration testing of our applications and services.

QUALIFICATIONS

2+ years work experience in an application security or product security role including experience with secure code reviews, threat modeling, pentesting, application security tooling and automation.
Strong communicator with the ability to translate technical security requirements and risks into terms that anyone can understand.
Experience finding AND fixing web application security vulnerabilities including those found in the OWASP Top 10 and CWE Top 25.
Experience with at least one scripting language, preferably Python
Knowledge of the browser security model, modern network security, AI and cloud (AWS ideally) security is a plus.
Experience with vulnerability management and risk assessment processes is a plus.

HOW WE WORK

We offer a flexible hybrid work arrangement that prioritizes in-office collaboration. Employees are expected to be on-site 3 days per week (Monday, Tuesday, and Thursday).

SALARY RANGE

Benchling takes a market-based approach to pay. The candidate's starting pay will be determined based on job-related skills, experience, qualifications, interview performance, and work location. For this role the base salary range is $147,000 to $200,000

To help you determine which zone applies to your location, please see this resource. If you have questions regarding a specific location's zone designation, please contact a recruiter for additional information.

Total Compensation includes the following:

Competitive total rewards package
Broad range of medical, dental, and vision plans for employees and their dependents
Fertility healthcare and family-forming benefits
Four months of fully paid parental leave
401(k) + Employer Match
Commuter benefits for in-office employees and a generous home office set up stipend for remote employees
Mental health benefits, including therapy and coaching, for employees and their dependents
Monthly Wellness stipend
Learning and development stipend
Generous and flexible vacation
Company-wide Winter holiday shutdown
Sabbaticals for 5-year and 10-year anniversaries

#LI-Hybrid

#BI-Hybrid

#LI-DNP

Benchling welcomes everyone.

We believe diversity enriches our team so we hire people with a wide range of identities, backgrounds, and experiences.

We are an equal opportunity employer. That means we don’t discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We also consider for employment qualified applicants with arrest and conviction records, consistent with applicable federal, state and local law, including but not limited to the San Francisco Fair Chance Ordinance.

Please be aware that Benchling will never request personal information, payment, or sensitive details outside of Greenhouse or via email. All official communications will come from an @benchling.com email address or from an approved vendor alias. If you are contacted by someone claiming to represent Benchling and are unsure of their legitimacy, please reach out to us at recruiting-fraud-alert@benchling.com to verify the communication.

About Benchling

Key Highlights

🎁 Benefits

🌟 Culture

Application Security Engineer

Skills & Technologies

Job Description