Application Security Engineer
Application Security Engineer
Application Security Engineer
Benchling
Benchling is seeking an Application Security Engineer to join their team focused on maintaining a top-tier security program. The role emphasizes real-world security and automation to protect sensitive data in the biotechnology sector.
Qualification
- 2+ years work experience in an application security or product security role including experience with secure code reviews, threat modeling, pentesting, application security tooling and automation.
- Strong communicator with the ability to translate technical security requirements and risks into terms that anyone can understand.
- Experience finding AND fixing web application security vulnerabilities including those found in the OWASP Top 10 and CWE Top 25.
- Experience with at least one scripting language, preferably Python.
- Knowledge of the browser security model, modern network security, AI and cloud (AWS ideally) security is a plus.
- Experience with vulnerability management.
Responsibility
- Building and integrating external and internal security tools and automation into development and build environments.
- Developing lightweight processes to embed security in the SDLC workflow.
- Collaborating with engineers on the best ways to mitigate vulnerabilities and reduce risk.
- Performing code reviews of our services and apps.
- Partnering with both the Product Design and Software Engineering organization's security and privacy initiatives, leading security design reviews, and threat modeling.
- Participating in incident response and vulnerability remediation efforts.
- Developing secure coding and design practices and training engineering teams.
- Performing black-box and gray-box penetration testing of applications and services.
