Detection and Response Engineer

Posted 26 July 2022
Salary Competitive
LocationSan Francisco
DisciplineCyber Security
Contact NameKatie Boynton
Remote working Hybrid/Flexible

Job description

- Hybrid out of Bay Area - 

As a Detection and Response Engineer at Benchling you’ll be joining a team responsible for building a best-in-class security program from the ground up. Our focus is on providing value to the organization by emphasizing real world security and embracing automation to keep up with the company as we experience hypergrowth. We’re looking for engineers who are excited to apply their expertise to our mission of securing some of society's most sensitive data.



  • Investigating security events across the organization using your experience and knowledge in multiple security domains (log analysis, digital forensics, or malware analysis).

  • Creating, deploying and maintaining high signal threat detections based on your understanding of threat actor TTPs.

  • Architecting a highly scalable incident response process by developing, applying and refining automation for steps of the Incident Response life cycle

  • Coordinating cross functional incident response during security incidents, assisting partner teams during non-security incidents

  • Researching new detection mechanisms for attack vectors and techniques relevant to our space and presenting findings to both internal and external audiences. 

  • Evaluating external tooling, developing new automation and tooling.

  • Helping to rapidly scale our team. As a member of the security team, you'll be an integral part of how we mature our own tooling, best practices, engineering processes, and hiring.



  • 2-8 years of Detection and Response (Detection Engineering, Digital Forensics, Incident Response, and/or Threat Intelligence) 

  • Strong communicator with both words and data - you have experience communicating to a wide variety of stakeholders under varying conditions

  • Experience as an incident responder responsible for leading multi-team incidents

  • Technical innovation skills (you enjoy finding technical solutions, learning new technology, evangelizing security and privacy)

  • Ability to move forward major projects in ambiguous situations through influence and not authority.

  • Practical experience with attacker tactics, techniques, and procedures

  • Comfortable with complexity in the short term but can build towards simplicity in the long term

  • Experience with cloud environments and automation

  • Relevant development experience in at least one scripting language, preferably Python

  • Plus: Contributions to the security community via talks, papers, blogs, projects, CVEs, etc.


Benchling welcomes everyone. 

We believe diversity enriches our team so we hire people with a wide range of identities, backgrounds, and experiences. Even if you don't meet 100% of the qualifications for this job, we strongly encourage you to apply.


We are an equal opportunity employer. That means we don’t discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We also consider for employment qualified applicants with arrest and conviction records, consistent with applicable federal, state and local law, including but not limited to the San Francisco Fair Chance Ordinance.


Our leadership principles guide how all Benchlings can lead by example:

  • Admit mistakes and shortcomings

  • Deliver results

  • Disagree and commit

  • Obsess over customers

  • Rely on work ethic

  • Show empathy

  • Recruit and develop the best

  • Sweat the details

  • Think and communicate clearly

  • Unite around the mission

For applicants for U.S.-based roles only: All new hires in the United States are required to be fully vaccinated against COVID-19 and to provide proof of vaccination prior to their first day of employment. If you are unable to be vaccinated for medical or religious reasons, we will explore potential reasonable accommodations; however, Benchling may not be able to grant such accommodations in all cases if doing so would cause undue hardship.