Application Security Engineer

As an Application Security Engineer at Benchling you’ll be joining a team responsible for building a best-in-class security program from the ground up. Our focus is on providing value to the organization by emphasizing real world security and embracing automation to keep up with the company as we experience growth. We’re looking for engineers who are excited to apply their expertise to our mission of securing some of society's most sensitive data.

• Partnering with both the Product Design and Software Engineering organization's security and privacy initiatives, leading security design reviews, and threat modeling.
• Performing code reviews of our own and partners’ services and apps.
• Collaborating with engineers on the best ways to mitigate vulnerabilities and reduce risk.
• Participating in our incident response and vulnerability remediation efforts.
• Integrating external and internal security tools and automation into development and build environments
• Developing lightweight SDLC processes to embed into Product Design and Software Engineering workflows.
• Developing secure coding and design practices and training engineering teams.
• Performing black-box and gray-box penetration testing of our applications and services.
• Helping to scale our team. As a member of the security team, you'll be an integral part of how we mature our own tooling, best practices, engineering processes, and hiring.

• 3+ years work experience in an application security or product security role including experience with secure code reviews, threat modeling, pentesting, application security tooling and automation.
• Strong communicator with the ability to translate technical security requirements and risks into terms that anyone can understand.
• In-depth experience finding AND fixing web application security vulnerabilities including those found in the OWASP Top 10 and CWE Top 25.
• Relevant development experience in multiple programming languages, preferably: Python, Javascript/Typescript, PHP, Java, Laravel
• Strong, general knowledge of the browser security model, modern network security, and cloud (AWS ideally) security.
• Experience with vulnerability management and risk assessment processes. 
• Technical leadership skills; you enjoy evangelizing security and privacy.
• Comfortable with complexity in the short term but can build towards simplicity in the long term.

Benchling takes a market-based approach to pay.  The candidate's starting pay will be determined based on job-related skills, experience, qualifications, interview performance, and work location. For this role the base salary range is: 

• ZONE 1: $162,265 to $219,535
• ZONE 2: $150,906 to $204,167
• ZONE 3: $146,038 to $197,581

To help you determine which zone applies to your location, please see this resource. If you have questions regarding a specific location's zone designation, please contact a recruiter for additional information.

Total Compensation includes the following:

• Competitive salary and equity
• 100% premiums covered for health, dental, and vision for employees
• Fertility healthcare and family-forming benefits
• Four months of fully paid parental leave
• 401(k) + Employer Match
• Commuter benefits
• Home office stipend
• Mental health benefits + Wellness stipend
• Learning and development stipend
• Generous PTO
• Company-wide Summer & Winter holiday shutdown
• Sabbaticals for 5-year and 10-year anniversaries

#LI-KW1 #LI-Remote