Job Description
We are rebuilding biotech for the AI era.
When a breakthrough is delayed the world waits. Getting a molecule from discovery to patients or a crop from lab to field involves thousands of slow manual disconnected steps. AI has the potential to change this compressing decades of R&D work into years. But that only happens when clean structured scientific data and AI are built into how science gets done.
Benchling is the AI platform for biotech R&D. Scientists use Benchling to design experiments capture structured data and run AI agents and models directly in their workflows. Over 200000 scientists around the world trust Benchling to power their most important work from academic labs to Sanofi Moderna and more than half of the world's top 50 biopharma.
We’re building an AI scientist for our customers. We can’t do that if we haven’t built the muscle ourselves. AI fluency is the foundation we build on; it's core to how we work and we're committed to helping every new hire integrate it into their day-to-day. As part of our interview process you'll complete a brief AI-focused exercise or discussion so we can understand how you think about and use AI to drive impact in your role. Feel free to reference any tools platforms or workflows you use today.
As an Enterprise Security Engineer at Benchling you’ll be joining a team responsible for building a best-in-class security program from the ground up. Our focus is on providing value to the organization by emphasizing real world security and embracing automation and AI. We’re looking for engineers who are excited to apply their expertise to our mission of securing some of society's most sensitive data.
Drive the organization's zero trust strategy end to end — treating identity device health network context and application sensitivity as continuous inputs to access decisions rather than one-time gates
Design and maintain least-privilege access patterns Just-in-Time (JIT) access and Privileged Access Management (PAM) controls
Deploy configure and maintain MDM infrastructure for the macOS fleet ensuring device compliance feeds directly into zero trust access policy decisions
Enforce SSO-required policies review and restrict OAuth scopes and audit third-party integration access
Build processes and tooling to detect shadow IT unauthorized OAuth app grants and SaaS tools that bypass identity controls
Evaluate and deploy AI-native security tooling where it demonstrably reduces analyst burden or closes coverage gaps faster than traditional approaches
Define and enforce security standards for AI agent and LLM service identities — including scoped API keys short-lived credentials and workload identity federation
Develop and enforce CIS/NIST-aligned configuration baselines
Meaningfully reduce manual toil through automation and where applicable AI-assisted tooling
5+ years in a security engineering or IAM-focused role
Deep hands-on IdP expertise (preferably Okta) — SSO SCIM MFA Lifecycle Management and NHI management are all areas you can speak to with depth and demonstrate in practice
Demonstrated experience implementing zero trust architecture in practice — not just familiarity with the framework but hands-on delivery of continuous verification device trust integration and least-privilege enforcement across an organization
Strong working knowledge of identity protocols: SAML OIDC OAuth 2.0 and SCIM
Proficiency managing macOS endpoints at scale using Fleet or an equivalent MDM platform
Foundational cloud IAM experience across at least one major provider (AWS GCP or Azure) — enough to audit scope and remediate identity issues
Demonstrated track record of building automation that eliminated recurring manual work
Scripting proficiency in in at least one language preferably Python
Excellent communication skills with the ability to engage effectively with both technical teams and non-technical stakeholders.
Strong understanding of operating systems fundamentals (MacOS/Linux/Windows)
Preferred
Experience with ZTNA platforms (Cloudflare Access Zscaler Private Access Tailscale or similar) and the operational patterns around replacing VPN with identity-aware access
Hands-on use of AI coding assistants (Copilot Claude Cursor or similar) to increase velocity
Experience governing AI/ML service identities or securing LLM API integrations
Familiarity with PAM solutions such as HashiCorp Vault AWS Secrets Manager or Okta Privileged Access
Okta Certified Administrator Okta Certified Consultant or equivalent certification
#LI-CG1
Benchling welcomes everyone.
We believe diversity enriches our team so we hire people with a wide range of identities backgrounds and experiences.
We are an equal opportunity employer. That means we don’t discriminate on the basis of race religion color national origin gender sexual orientation age marital status veteran status or disability status. We also consider for employment qualified applicants with arrest and conviction records consistent with applicable federal state and local law including but not limited to the San Francisco Fair Chance Ordinance.
Skills Required
- 5+ years in a security engineering or IAM-focused role
- Deep hands-on IdP expertise (preferably Okta)
- Experience implementing zero trust architecture
- Strong working knowledge of identity protocols: SAML OIDC OAuth 2.0 SCIM
- Proficiency managing macOS endpoints using an MDM platform
- Foundational cloud IAM experience across at least one major provider
- Experience building automation to eliminate recurring work
- Scripting proficiency in at least one language preferably Python
- Excellent communication skills
What the Team is Saying
Benchling Compensation & Benefits Highlights
- Healthcare Strength—Medical dental and vision coverage include multiple plan options with some offering low or $0 employee-only premiums. Dedicated mental-health access provides therapy and coaching sessions as part of the core offering.
- Parental & Family Support—Parental leave is presented as fully paid for roughly four months and fertility and family-forming support is provided through dedicated programs. Supportive elements like an onsite mother’s room and inclusive coverage further reinforce family focus.
- Leave & Time Off Breadth—Flexible or “unlimited” PTO is paired with a company-wide winter shutdown and access to sabbaticals at longer tenure milestones. Volunteer time-off options add depth to the time-off mix.
Benchling Insights
What We Do
Biotechnology is rewriting life as we know it from the medicines we take to the crops we grow and the household goods that we rely on every day. But moving at the new speed of science requires better technology. Benchling’s mission is to unlock the power of biotechnology. The world’s most innovative biotech companies use Benchling’s R&D Cloud to power the development of breakthrough products. Help us bring modern software to modern science. We’re on Team Science We believe in the promise of science and the teamwork required to fulfill that promise. Whether your background is in science engineering business or another field you’re on Team Science if you believe in the power of science to solve the world’s most pressing problems.
Why Work With Us
Everyday at Benchling you’re surrounded by talented people who are really excited about the work they’re doing and the impact they’re having. It’s truly uplifting to work on a product that you can believe in and to work alongside colleagues who are energized by the shared vision of a future with less disease and greater sustainability.
Gallery
Benchling Offices
Hybrid Workspace
Employees engage in a combination of remote and on-site work.
Explore More
Date Posted
05/13/2026
Views
0