Application Security Engineer

Confirmed live in the last 24 hours

Locations

Dorchester, Boston, MA, USA

Experience Level

Entry

Junior

Mid

Senior

Expert

Desired Skills

AWS

JavaScript

Java

PHP

Product Design

Python

TypeScript

Requirements

4+ years work experience in an application security or product security role including experience with secure code reviews, threat modeling, pentesting, application security tooling and automation
Strong communicator with the ability to translate technical security requirements and risks into terms that anyone can understand
In-depth experience finding AND fixing web application security vulnerabilities including those found in the OWASP Top 10 and CWE Top 25
Relevant development experience in multiple programming languages, preferably: Python, Javascript/Typescript, PHP, Java, Laravel
Strong, general knowledge of the browser security model, modern network security, and cloud (AWS ideally) security
Experience with vulnerability management and risk assessment processes
Technical leadership skills; you enjoy evangelizing security and privacy
Comfortable with complexity in the short term but can build towards simplicity in the long term
ZONE 1: $162,265 to $219,535
ZONE 2: $150,960 to $204,240
ZONE 3: $146,115 to $197,685

Responsibilities

Partnering with both the Product Design and Software Engineering organization's security and privacy initiatives, leading security design reviews, and threat modeling
Performing code reviews of our own and partners' services and apps
Collaborating with engineers on the best ways to mitigate vulnerabilities and reduce risk
Participating in our incident response and vulnerability remediation efforts
Integrating external and internal security tools and automation into development and build environments
Developing lightweight SDLC processes to embed into Product Design and Software Engineering workflows
Developing secure coding and design practices and training engineering teams
Performing black-box and gray-box penetration testing of our applications and services
Helping to scale our team. As a member of the security team, you'll be an integral part of how we mature our own tooling, best practices, engineering processes, and hiring

Biotechnology is rewriting life as we know it, from the medicines we take, to the crops we grow, the materials we wear, and the household goods that we rely on every day. But moving at the new speed of science requires better technology.

Benchling’s mission is to unlock the power of biotechnology. The world’s most innovative biotech companies use Benchling’s R&D Cloud to power the development of breakthrough products and accelerate time to milestone and market.

Come help us bring modern software to modern science.

ROLE OVERVIEW

As an Application Security Engineer at Benchling you’ll be joining a team responsible for building a best-in-class security program from the ground up. Our focus is on providing value to the organization by emphasizing real world security and embracing automation to keep up with the company as we experience growth. We’re looking for engineers who are excited to apply their expertise to our mission of securing some of society’s most sensitive data.

RESPONSIBILITIES

Partnering with both the Product Design and Software Engineering organization’s security and privacy initiatives, leading security design reviews, and threat modeling.
Performing code reviews of our own and partners’ services and apps.
Collaborating with engineers on the best ways to mitigate vulnerabilities and reduce risk.
Participating in our incident response and vulnerability remediation efforts.
Integrating external and internal security tools and automation into development and build environments
Developing lightweight SDLC processes to embed into Product Design and Software Engineering workflows.
Developing secure coding and design practices and training engineering teams.
Performing black-box and gray-box penetration testing of our applications and services.
Helping to scale our team. As a member of the security team, you’ll be an integral part of how we mature our own tooling, best practices, engineering processes, and hiring.

QUALIFICATIONS

4+ years work experience in an application security or product security role including experience with secure code reviews, threat modeling, pentesting, application security tooling and automation.
Strong communicator with the ability to translate technical security requirements and risks into terms that anyone can understand.
In-depth experience finding AND fixing web application security vulnerabilities including those found in the OWASP Top 10 and CWE Top 25.
Relevant development experience in multiple programming languages, preferably: Python, Javascript/Typescript, PHP, Java, Laravel
Strong, general knowledge of the browser security model, modern network security, and cloud (AWS ideally) security.
Experience with vulnerability management and risk assessment processes.
Technical leadership skills; you enjoy evangelizing security and privacy.
Comfortable with complexity in the short term but can build towards simplicity in the long term.

SALARY RANGE

Benchling takes a market-based approach to pay. The candidate’s starting pay will be determined based on job-related skills, experience, qualifications, interview performance, and work location. For this role the base salary range is:

ZONE 1: $162,265 to $219,535
ZONE 2: $150,960 to $204,240
ZONE 3: $146,115 to $197,685

To help you determine which zone applies to your location, please see this resource. If you have questions regarding a specific location’s zone designation, please contact a recruiter for additional information.

Total Compensation includes the following:

Competitive salary and equity
100% premiums covered for health, dental, and vision for employees
Fertility healthcare and family-forming benefits
Four months of fully paid parental leave
401(k) + Employer Match
Commuter benefits
Home office stipend
Mental health benefits + Wellness stipend
Learning and development stipend
Generous PTO
Company-wide Summer & Winter holiday shutdown
Sabbaticals for 5-year and 10-year anniversaries

#LI-KW1 #LI-Remote

Benchling welcomes everyone.

We believe diversity enriches our team so we hire people with a wide range of identities, backgrounds, and experiences.

We are an equal opportunity employer. That means we don’t discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We also consider for employment qualified applicants with arrest and conviction records, consistent with applicable federal, state and local law, including but not limited to the San Francisco Fair Chance Ordinance.

For applicants for U.S.-based roles only:All new hires in the United States are required to be fully vaccinated against COVID-19 and to provide proof of vaccination prior to their first day of employment. If you are unable to be vaccinated for medical or religious reasons, we will explore potential reasonable accommodations; however, Benchling may not be able to grant such accommodations in all cases if doing so would cause undue hardship.

501-1,000 employees

Website

Cloud platform for life science R&D

Company Overview

Benchling's mission is to accelerate life science for the benefit of humanity. The company is building a modern R&D software for biotechnology research.

Benefits

Four months of fully paid parental leave
401(k) plan
Remote working stipend
Yearly company-wide retreat
Monthly gym and wellness stipend
Commuter benefits
100% premiums covered for health, dental, and vision
Weekly company social events
Flexible PTO and company-wide winter holiday shutdown

Company Core Values

Build a Lever - We choose to build tools and infrastructure that will help others make world-changing innovations.
Empower through Information - We believe that sharing information builds trust and enables better decision-making.
Rely on Tenacity - Dreaming big isn’t enough. We must make the most of every day by bringing the highest level of determination to our work.
Raise the Bar - We’re dedicated to creating a place where everyone feels challenged to improve.