Senior Software Engineer, Security (Remote)

Toronto, Ontario /
Engineering – Core Services /
Full-time (Remote)
BenchSci is a remote first organization. At this moment, we are welcoming applicants from Canada, the US and the UK for this position. 

BenchSci's vision is to help scientists bring novel medicine to patients 50% faster by 2025. We empower scientists to run more successful experiments with the world's most advanced, biomedical artificial intelligence software platform. 
Backed by F-Prime, Inovia, Golden Ventures, and Google's AI fund, Gradient Ventures, we provide an indispensable tool for scientists that accelerates research at 16 top 20 pharmaceutical companies and over 4,300 leading academic centers. We're a certified Great Place to Work®, and top-ranked company on Glassdoor.

We are looking for a Senior Security Engineer to join our growing Infrastructure & Security team! Reporting to the team’s Engineering Manager, you will help validate that BenchSci's services are implemented to the highest security standards. You will also analyze the security of applications and services, discover and address security issues, build security automation, and quickly react to new threat scenarios. Importantly, you will take the lead on all security-related matters and help us to ensure that all classified client data is kept confidential.

You Will:

    • Perform application security reviews
    • Drive outcomes with stakeholders to improve our application security posture
    • Create application security guidance and best practices documentation 
    • Build and manage tools and libraries to help developers create secure software
    • Champion security at BenchSci
    • Maintain and improve the GDPR and SOC2 security compliance tracking and remediation efforts
    • Triage and drive resolutions for security vulnerabilities in the BenchSci Platform
    • Lead security engagements like third-party penetration tests and tabletop exercises
    • Uncover infrastructure and application level vulnerabilities as part of internal audits
    • Conduct system design reviews and guide engineers in building security into our architecture

You Have:

    • 4+ years working as a software engineer with at least 2 years of experience in security 
    • Experience in dealing with internal/external security audits and penetration tests
    • Experience with any combination of the following: threat modelling experience, secure coding and SDLC practices, OWASP Top 10 application security risks, and network security
    • An understanding of network and web-related protocols (such as TCP/IP, UDP, IPSEC, HTTP, HTTPS, and routing protocols)
    • Experience configuring and tuning application security testing tools (SCA, SAST, and DAST)
    • An understanding of web services and an ability to reason the application code that drives them
    • Experience with Infrastructure as Code tools such as Terraform, CloudFormation or Config Connector
    • Knowledge of industry security frameworks like the CIS Benchmarks or OWASP ASVS
    • A background in security and compliance audits such as GDPR and SOC2

Nice to haves, but not required:

    • Experience in penetration testing
    • Experience in securing GCP or AWS environments
    • Experience in Python
    • Experience with Kubernetes
Benefits and Perks:
An engaging remote-first culture 
A competitive compensation package that includes BenchSci equity options
Comprehensive health and dental benefits 
Emphasis on mental health with $2500 CAD (or equivalent in your country’s currency) for Psychologist, Social Worker, or Psychotherapist services
Three weeks of vacation plus an additional day for every completed year
Unlimited flex time to use toward sick days, personal days, religious holidays, birthdays and appointments
Additional time-off: 2 weeks for Winter Holidays, every other Friday in July and August, your birthday, and more!
Generous parental leave benefits with a top-up plan or paid time off options
A $2000 CAD (or equivalent in your country’s currency) Annual Learning & Development budget
A $1000 CAD (or equivalent in your country’s currency) work from home allowance to make your home setup perfect for you
A lifestyle spending account for employees to receive reimbursement for eligible expenses related to wellness, lifestyle and productivity $2500 CAD  (or equivalent in your country’s currency) per year

Our Culture:
At BenchSci, we’re committed to cultivating an inspiring, inclusive, and equitable work environment for high performing, ego-free, self-starting individuals with a growth mindset, who enjoy the challenge of solving hard problems. We recognize that everyone here is a person first and an employee second. We want people to feel cared for and supported to bring the best versions of themselves to work and help the company achieve its mission. We believe culture is critical to success and invest accordingly. 
We live and promote our FASTT values of Focused, Advancement with Speed, Tenacity, and Transparency. We work hard to maintain an engaging, supportive environment where everyone can do their best work. To learn more, read our culture deck.

Diversity, Equity and Inclusion:
We're committed to creating an inclusive environment where people from all backgrounds can thrive. We believe that improving diversity, equity and inclusion is our collective responsibility, and this belief guides our DEI journey. To learn more, read about our DEI initiatives.

Accessibility Accommodations:
BenchSci provides accessibility accommodations during the recruitment process. Should you require any accommodation, we will work with you to meet your needs.

BenchSci is a remote first organization. At this moment, we are welcoming applicants from Canada, the US and the UK for this position.