Job description
Over the next 10 years, biotech will fundamentally rewrite the way we live. Gene editing and cell therapy will dramatically change how we treat cancer and other major illnesses. Biofuels and biomaterials will transform the cars we drive, the clothes we wear, and the makeup of everyday objects. Crop science and synthetic biology will produce sustainable and ethical food. Benchling’s mission is to accelerate the research that propels us towards this future, and magnify its impact, through modern software.
Every day, scientists around the world use Benchling in their efforts to solve humanity's most pressing problems. For these scientists, Benchling is the central technology they use to conduct their research.
Benchling was founded by a team of MIT graduates and has raised funding from Benchmark, Andreessen Horowitz, Thrive Capital, and Y Combinator. Our customers include pharmaceutical giants, leading biotechs, and the world's most renowned research institutes.
ROLE OVERVIEW
As a Cloud Security Engineer at Benchling you’ll be joining a team responsible for building a best-in-class security program from the ground up. Our focus is on providing value to the organization by emphasizing real world security and embracing automation to keep up with the company as we experience hypergrowth. We’re looking for engineers who are excited to apply their expertise to our mission of securing some of society's most sensitive data
YOU MIGHT WORK ON
Partnering with the Product Infrastructure Engineering teams on security and privacy initiatives, leading security design reviews, and threat modeling.
Collaborating with other Security and Engineering teams to improve visibility of cloud resources.
Performing assessments of cloud infrastructure supporting our product offerings and partner apps, including SaaS and PaaS.
Researching new attack vectors and techniques relevant to our space and present findings to both internal and external audiences.
Researching known vulnerabilities and collaborate with engineers on the best ways to mitigate and reduce risk.
Participating in our incident response and vulnerability remediation efforts.
Evaluating external tooling, develop new automation and tooling.
Partnering with Product Infrastructure Engineering on evolving the CI/CD pipeline to meet modern security threats and risks.
Developing secure baselines and standards for cloud based infrastructure and train engineering teams on their usage.
Helping to rapidly scale our team. As a member of the security team, you'll be an integral part of how we mature our own tooling, best practices, engineering processes, and hiring.
ABOUT YOU
5-10+ years in a security engineering role with experience in cloud security reviews and ideally threat modeling experience
Strong communicator with the ability to translate technical security requirements and risks into terms that anyone can understand
In-depth knowledge of AWS cloud infrastructure, docker and it’s associated security suites (e.g., IAM, GuardDuty, Inspector, CloudTrail, CloudWatch, etc.)
Terraform and/or CloudFormation experience
Relevant development experience in at least one scripting language, preferably Python
Experience with vulnerability management and risk assessment processes
Technical leadership skills; you enjoy being a tech lead, mentoring technologists, evangelizing security and privacy
Comfortable with complexity in the short term but can build towards simplicity in the long term