wagey.ggwagey.gg
38,923  jobs38,923  jobs
Browse Tech JobsCompaniesFeaturesPricingFAQs
Log InGet Started Free
Jobs(38,923)/Security Engineer Role(514)/benchling (11) - Enterprise Security Engineer
benchling

benchling - Enterprise Security Engineer

United States$176k - $300k1mo ago
RemoteSeniorNACloud ComputingArtificial IntelligenceSecurity EngineerAssociatePythonAzureAWSGCPLinux

Requirements

• 5+ years in a security engineering or IAM-focused role • Deep, hands-on IdP expertise (preferably Okta) — SSO, SCIM, MFA, Lifecycle Management, and NHI management are all areas you can speak to with depth and demonstrate in practice • Demonstrated experience implementing zero trust architecture in practice — not just familiarity with the framework, but hands-on delivery of continuous verification, device trust integration, and least-privilege enforcement across an organization • Strong working knowledge of identity protocols: SAML, OIDC, OAuth 2.0, and SCIM • Proficiency managing macOS endpoints at scale using Fleet or an equivalent MDM platform • Foundational cloud IAM experience across at least one major provider (AWS, GCP, or Azure) — enough to audit, scope, and remediate identity issues • Demonstrated track record of building automation that eliminated recurring manual work • Scripting proficiency in in at least one language, preferably Python • Excellent communication skills, with the ability to engage effectively with both technical teams and non-technical stakeholders. • Strong understanding of operating systems fundamentals (MacOS/Linux/Windows) • Experience with ZTNA platforms (Cloudflare Access, Zscaler Private Access, Tailscale, or similar) and the operational patterns around replacing VPN with identity-aware access • Hands-on use of AI coding assistants (Copilot, Claude, Cursor, or similar) to increase velocity • Experience governing AI/ML service identities or securing LLM API integrations • Familiarity with PAM solutions such as HashiCorp Vault, AWS Secrets Manager, or Okta Privileged Access • Okta Certified Administrator, Okta Certified Consultant, or equivalent certification • Benchling welcomes everyone. • We believe diversity enriches our team so we hire people with a wide range of identities, backgrounds, and experiences.

Responsibilities

• Drive the organization's zero trust strategy end to end — treating identity, device health, network context, and application sensitivity as continuous inputs to access decisions rather than one-time gates • Design and maintain least-privilege access patterns, Just-in-Time (JIT) access, and Privileged Access Management (PAM) controls • Deploy, configure, and maintain MDM infrastructure for the macOS fleet, ensuring device compliance feeds directly into zero trust access policy decisions • Enforce SSO-required policies, review and restrict OAuth scopes, and audit third-party integration access • Build processes and tooling to detect shadow IT, unauthorized OAuth app grants, and SaaS tools that bypass identity controls • Evaluate and deploy AI-native security tooling where it demonstrably reduces analyst burden or closes coverage gaps faster than traditional approaches • Define and enforce security standards for AI agent and LLM service identities — including scoped API keys, short-lived credentials, and workload identity federation • Develop and enforce CIS/NIST-aligned configuration baselines • Meaningfully reduce manual toil through automation and, where applicable, AI-assisted tooling

Benefits

• Zone 1$189K – $256K • Offers Equity • Zone 2$176K – $238K • Offers Equity • Zone 3$200K – $300K • Offers Equity • Full-time U.S. employees enjoy a comprehensive benefits program including equity, health, dental, vision, 401(k)+ employer match, wellness, commuter, and more. • Benchling takes a market-based approach to pay. The candidate's starting pay will be determined based on job-related skills, experience, qualifications, interview performance, and work location. • Upload your resume here to autofill key application fields. • Drop your resume here! • Parsing your resume. Autofilling key fields... • or drag and drop here • Can work for any employer • Can work for current employer • Seeking work authorization • They/Them/Theirs • Prefer not to answer • I'd like to discuss this further • Non-Binary, Non-Conforming • Decline to Self Identify • I am not a protected Veteran • I identify as one or more of the classifications of a protected veteran • I don't wish to answer • Voluntary Self-Identification of Disability • Form CC-305 Page 1 of 1 • OMB Control Number 1250-0005. Expires 04/30/2026 • Why are you being asked to complete this form? • We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years. • Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp. • How do you know if you have a disability? • A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to: • Disabilities include, but are not limited to: • Alcohol or other substance use disorder (not currently using drugs illegally) • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS • Blind or low vision • Cancer (past or present) • Cardiovascular or heart disease • Deaf or serious difficulty hearing • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders • Epilepsy or other seizure disorder • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome • Intellectual or developmental disability • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD • Missing limbs or partially missing limbs • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS) • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities • Partial or complete paralysis (any cause) • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema • Short stature (dwarfism) • Traumatic brain injury • Yes, I have a disability, or have had one in the past • No, I do not have a disability and have not had one in the past • I don't want to answer • Recruiting Privacy Policy

Apply in one click

Upload My Resume

Drop here or click to browse · Tap to choose · PDF, DOCX, DOC, RTF, TXT

Apply in One Click
Apply in One Click

Similar roles

Keeper SecurityKeeper Security - Senior Vulnerability Engineer2mo ago
·Remote, US - Hybrid·$48k - $48k/year
In OfficeNASeniorCybersecurityCloud ComputingSecurity EngineerPythonGCPAWSAzureSplunk
OpenAIOpenAI - Security Engineer, Agent Security2w ago
·San Francisco, California, United States·$234k - $385k/year
In OfficeNACloud ComputingArtificial IntelligenceSecurity EngineerGoRustC++PythonAWSAzureGCP
NICENICE - Senior Information Security Engineer3w ago
·United Kingdom - London; United Kingdom - Southampton
In OfficeEMEASeniorCybersecurityCloud ComputingSecurity EngineerInfoSec EngineerAssociateAWSAzureGCP
IonQIonQ - Senior Security Engineer1mo ago
·College Park, Maryland, United States; Louisville, Colorado, United States; Remote, US - Hybrid·$127k - $166k/year
In OfficeNASeniorCloud ComputingSoftwareSecurity EngineerBashPythonPowerShellAWSAzure
Endeavour. Inspired Infrastructure.Endeavour. Inspired Infrastructure. - Senior Security Engineer1mo ago
·Remote - USA
RemoteNASeniorCybersecurityCloud ComputingSecurity EngineerBashPythonAWSAzureReporting
GitLabGitLab - Senior Security Engineer, Security Incident Response Team (SIRT)1mo ago
·Remote - USA·$139k - $139k/year + Equity
RemoteNASeniorCloud ComputingGovernmentSecurity EngineerGitAWSGCPPythonDocumentation
SierraSierra - Security Engineer5mo ago
·San Francisco, CA, United States·$200k - $330k/year + Equity
In OfficeNAPrincipalArtificial IntelligenceCloud ComputingRetailSecurity EngineerAWSAzureGCPPerformance ReviewsTerraform
HuntressHuntress - Senior Offensive Security Engineer1mo ago
·Remote - US; United States of America·$170k - $185k/year + Equity
RemoteNASeniorCloud ComputingArtificial IntelligenceSecurity EngineerReportingAWSAzureDocumentation
Ethos LifeEthos Life - AI Red Team Security Engineer1w ago
·Remote - USA·$152k - $269k/year + Equity
RemoteNASeniorCloud ComputingArtificial IntelligenceSecurity EngineerAWSDockerKubernetesGovernanceWagmiPhoenixRESTGCPAzureGraphQL

Browse more by category

Show 514 moreSecurity EngineerShow 1,057 moreAssociateShow 6,205 morePythonShow 1,615 moreAzureShow 3,747 moreAWSShow 1,526 moreGCPShow 962 moreLinux
Privacy·Terms··Contact·FAQ·Wagey on X