Application Security Engineer

Benchling

San Francisco, CA, US
  • Job Type: Full-Time
  • Function: IT
  • Post Date: 02/16/2021
  • Website: benchling.com
  • Company Address: 555 Montgomery Street Suite 1700, San Francisco, CA, 94111

About Benchling

Benchling makes life science research faster and more collaborative.

Biotechnology has the potential to solve humanity’s most pressing challenges, such as disease, renewable energy, clean water, and hunger. The brightest minds are working on these problems but they are equipped with archaic tools. We aspire to fix this and increase the rate of scientific output with a web-based platform that allows researchers to design and run experiments, analyze data, and share results.

Job Description

Over the next 10 years, biotech will fundamentally rewrite the way we live. Gene editing and cell therapy will dramatically change how we treat cancer and other major illnesses. Biofuels and biomaterials will transform the cars we drive, the clothes we wear, and the makeup of everyday objects. Crop science and synthetic biology will produce sustainable and ethical food. Benchling’s mission is to accelerate the research that propels us towards this future, and magnify its impact, through modern software.

Every day, scientists around the world use Benchling in their efforts to solve humanity's most pressing problems. For these scientists, Benchling is the central technology they use to conduct their research.

Benchling was founded by a team of MIT graduates and has raised funding from Benchmark, Andreessen Horowitz, Thrive Capital, and Y Combinator. Our customers include pharmaceutical giants, leading biotechs, and the world's most renowned research institutes.

Responsibilities

  • Partner with both the Product Design and Software Engineering organization's security and privacy initiatives, leading security design reviews and threat modeling.
  • Partner with Product Design and Software Engineering on security feature roadmaps.
  • Black-box and grey-box penetration testing, assessment, and code reviews of services, product offerings and partner apps including SaaS, PaaS, and mobile.
  • Research new attack vectors and techniques relevant to our space and present findings to both internal and external audiences. 
  • Research known vulnerabilities and collaborate with engineers on the best ways to mitigate and reduce risk.
  • Participate in our incident response and vulnerability remediation efforts.
  • Evaluate external tooling, develop new automation and tooling.
  • Evolve SDLC to meet modern security threats and risks.
  • Develop lightweight processes to embed into Product Design and Software Engineering workflows.
  • Develop secure coding practices and train engineering teams.
  • Interface with customers’ security teams when they are scoping and performing security assessments.

 

Minimum Qualifications

  • B.S. / M.S. in Computer Science or related experience.
  • Relevant development experience in multiple languages: Python, Java, Javascript/Typescript
  • 3-5+ years work experience in an application security role.
  • 3+ years with code reviews, pentesting, and threat modeling experience
  • In-depth experience identifying, protecting against, and exploiting web application and web service security vulnerabilities including those found in the OWASP Top 10 and CWE Top 25.
  • Strong knowledge of the browser security model, modern network security, and cloud security.
  • Strong understanding of risk evaluation and application security vulnerability management processes. 

 

Bonus Points

  • OSCP (or similar) certification
  • Red Team experience
  • Software engineering experience
  • Contributions to the security community via talks, papers, blogs, projects, CVEs, etc.
  • Technical leadership skills (you enjoy being a tech lead, mentoring technologists, evangelizing security and privacy)
  • A good sense of humor!

 

OUR VALUES

  • Empower through information. We explain the “why” behind every decision, unless there are highly sensitive circumstances. We're honest about how we're doing, especially in difficult times. We believe that sharing information builds trust and enables better decision-making.
  • Rely on tenacity. Hard work is one of the greatest factors to determine success and is fully under our control. We must make the most of every day by bringing the highest level of determination. Dreaming big is not enough.
  • Raise the bar. Pushing ourselves and others to improve will be uncomfortable and at times result in failure. However, it's critical to our success. We're dedicated to creating a place where everyone feels challenged to improve.
  • Build a lever. We choose to build tools and infrastructure that will help others make world-changing innovations. There's less glory in it, but in the words of Archimedes, "Give me a lever long enough and a fulcrum on which to place it, and I shall move the world."

 

PERKS AND BENEFITS

  • Work with a talented yet humble team
  • Competitive compensation & equity package
  • Monthly health & wellness stipend
  • 401k
  • Medical, dental, and vision insurance
  • Weekly virtual social events, and annual company retreats
  • *$1,000 work-from-home stipend

*In following best practices and safety protocols, all Benchling employees are expected to work remotely until we are further advised that it is safe for employees to resume work in their respective office locations. To support remote work conditions, Benchling provides each employee a one-time stipend of $1,000 upon commencing employment, and additional discounted employee purchase plans for home-office equipment.

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

We also consider for employment qualified applicants with arrest and conviction records, consistent with applicable federal, state and local law, including but not limited to the San Francisco Fair Chance Ordinance.

Related Jobs

Sales Development Representative

Benchling - San Francisco, CA, US

Product Designer

Benchling - San Francisco, CA, US

Software Engineer, Applications Team

Benchling - San Francisco, CA, US

Customer Success Specialist

Benchling - Zurich, CH

Scientific Solutions Consultant, Enterprise

Benchling - North America
Disclaimer: Local Candidates Only
This company does NOT accept candidates from outside recruiting firms. Agency contacts are not welcome.