Head of Security Operations
Description
Over the next 10 years, biotech will fundamentally rewrite the way we live. Gene editing and cell therapy will dramatically change how we treat cancer and other major illnesses. Biofuels and biomaterials will transform the cars we drive, the clothes we wear, and the makeup of everyday objects. Crop science and synthetic biology will produce sustainable and ethical food. Benchling’s mission is to accelerate the research that propels us towards this future, and magnify its impact, through modern software.
Every day, scientists around the world use Benchling in their efforts to solve humanity's most pressing problems. For these scientists, Benchling is the central technology they use to conduct their research.
Benchling was founded by a team of MIT graduates and has raised funding from Benchmark, Andreessen Horowitz, Thrive Capital, and Y Combinator. Our customers include pharmaceutical giants, leading biotechs, and the world's most renowned research institutes.
Responsibilities
- Lead security strategy for threat detection and response, understanding current and future customer needs and how that overlays with modern threats and risks.
- Be the thought leader on threat detection, security data analytics, security data engineering, security response, incident response, etc. and know the competitive landscape, industry norms, etc.
- Lead and develop team(s) of engineers that will partner with the Product Design, Software Engineering, Infrastructure Engineering, Information Technology, and Marketing on understanding threats and risks, detection and response, mitigation and recovery.
- Develop processes and standard workflows for ingesting data, data analysis, data enrichment, security investigations, case management, incident management, etc.
- Partner with Product, Engineering, and IT leaders to define how security workflows can be integrated with their respective workflows.
- The team researches new attack vectors and techniques relevant to our space and presents findings to both internal and external audiences.
- The team researches known vulnerabilities and collaborates with engineers on the best ways to mitigate and reduce risk.
- The team evaluates external tooling, develops new automation and tooling.
- Interface with customers’ security teams when they are scoping and performing security assessments.
- Guide engineers and teams through both technical and professional development.
- Recruit, lead, and develop team(s) to provide for company outcomes, customer outcomes, and team member outcomes.
Minimum Qualifications
- B.S. / M.S. in Computer Science or related experience.
- 3-5+ years of security incident response management experience
- Experience leading and managing multiple ICs and managers
- 5-7+ years work experience in a DFIR role
- 5-7+ years with security data and tooling engineering experience
- 5-7+ years of experience working with security in AWS environments
- Relevant automation experience (preferably Python)
- In-depth experience with alert engineering, triaging, investigations, and response actions.
- Experience working with state and federal law enforcement, external workgroups on coordinated response.
- Strong knowledge of the browser security model, modern network security, and cloud security.
- Strong understanding of risk evaluation and working with executive / senior leadership on risk decisions.
Bonus Points
- GCFA, GBFA (or similar) certification
- Threat Intelligence experience
- OSCP (or similar) certification
- Red Team experience
- Software engineering experience
- Cloud / Infra engineering experience
- Contributions to the security community via talks, papers, blogs, projects, CVEs, etc.
- Technical leadership skills (you enjoy being a tech lead, mentoring technologists, evangelizing security and privacy)
- A good sense of humor!
OUR VALUES
- Empower through information. We explain the “why” behind every decision, unless there are highly sensitive circumstances. We're honest about how we're doing, especially in difficult times. We believe that sharing information builds trust and enables better decision-making.
- Rely on tenacity. Hard work is one of the greatest factors to determine success and is fully under our control. We must make the most of every day by bringing the highest level of determination. Dreaming big is not enough.
- Raise the bar. Pushing ourselves and others to improve will be uncomfortable and at times result in failure. However, it's critical to our success. We're dedicated to creating a place where everyone feels challenged to improve.
- Build a lever. We choose to build tools and infrastructure that will help others make world-changing innovations. There's less glory in it, but in the words of Archimedes, "Give me a lever long enough and a fulcrum on which to place it, and I shall move the world."
PERKS AND BENEFITS
- Work with a talented yet humble team
- Competitive compensation & equity package
- Monthly health & wellness stipend
- 401k
- Medical, dental, and vision insurance
- Weekly virtual social events, and annual company retreats
- *$1,000 work-from-home stipend
*In following best practices and safety protocols, all Benchling employees are expected to work remotely until we are further advised that it is safe for employees to resume work in their respective office locations. To support remote work conditions, Benchling provides each employee a one-time stipend of $1,000 upon commencing employment, and additional discounted employee purchase plans for home-office equipment.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
We also consider for employment qualified applicants with arrest and conviction records, consistent with applicable federal, state and local law, including but not limited to the San Francisco Fair Chance Ordinance.