Skip to content
BenchlingBenchlingSan Francisco, CA

Enterprise Security Engineer

Enterprise Security Engineer building zero trust architecture, IAM controls, and macOS MDM at a biotech AI platform. Requires 5+ years security/IAM experience with deep Okta and identity protocol expertise.

189k – 256k/yr
Hybrid5+ YOESecurity Engineering

About the role

Responsibilities

  • Drive the organization's zero trust strategy end to end — treating identity, device health, network context, and application sensitivity as continuous inputs to access decisions
  • Design and maintain least-privilege access patterns, Just-in-Time (JIT) access, and Privileged Access Management (PAM) controls
  • Deploy, configure, and maintain MDM infrastructure for the macOS fleet, ensuring device compliance feeds directly into zero trust access policy decisions
  • Enforce SSO-required policies, review and restrict OAuth scopes, and audit third-party integration access
  • Build processes and tooling to detect shadow IT, unauthorized OAuth app grants, and SaaS tools that bypass identity controls
  • Evaluate and deploy AI-native security tooling where it demonstrably reduces analyst burden or closes coverage gaps faster than traditional approaches
  • Define and enforce security standards for AI agent and LLM service identities — including scoped API keys, short-lived credentials, and workload identity federation
  • Develop and enforce CIS/NIST-aligned configuration baselines
  • Meaningfully reduce manual toil through automation and, where applicable, AI-assisted tooling

Requirements

  • 5+ years in a security engineering or IAM-focused role
  • Deep, hands-on IdP expertise (preferably Okta) — SSO, SCIM, MFA, Lifecycle Management, and NHI management
  • Demonstrated experience implementing zero trust architecture in practice — continuous verification, device trust integration, and least-privilege enforcement
  • Strong working knowledge of identity protocols: SAML, OIDC, OAuth 2.0, and SCIM
  • Proficiency managing macOS endpoints at scale using Fleet or an equivalent MDM platform
  • Foundational cloud IAM experience across at least one major provider (AWS, GCP, or Azure)
  • Demonstrated track record of building automation that eliminated recurring manual work
  • Scripting proficiency in at least one language, preferably Python
  • Excellent communication skills
  • Strong understanding of operating systems fundamentals (macOS/Linux/Windows)

Nice-to-Haves

  • Experience with ZTNA platforms (Cloudflare Access, Zscaler Private Access, Tailscale, or similar)
  • Hands-on use of AI coding assistants (Copilot, Claude, Cursor, or similar)
  • Experience governing AI/ML service identities or securing LLM API integrations
  • Familiarity with PAM solutions such as HashiCorp Vault, AWS Secrets Manager, or Okta Privileged Access
  • Okta Certified Administrator, Okta Certified Consultant, or equivalent certification

Skills

OktaSSOSCIMMFAZero TrustSAMLOIDCOauth 2.0MDMFleetAWSGCPAzurePythonPam
Harvey

Detection & Response Security Engineer

HarveySan Francisco, CA +1

Offensive-minded blue teamer building and leading Harvey's Detection & Response program. Develop threat scenarios, detection rules, data pipelines on ClickHouse, and lead incident response for their AI platform. Requires 4+ years in security/SRE/software engineering with hands-on incident response and weakness discovery experience.

188k – 282k/yr
Hybrid4+ YOESecurity Engineering
Airtable

Product Security Engineer

AirtableSan Francisco, CA +3

Builds security frameworks, automated guardrails, and threat modeling for Airtable's platform, focusing on AI/LLM safety and application security. Partners with engineering teams; requires 4+ years product security experience and proficiency in JS/TS/Node.js.

187k – 260k/yr
Remote4+ YOESecurity Engineering
Ramp

Security Engineer, Privacy

RampNew York, NY +1

Build privacy-focused primitives, integrate into products, partner on secure designs, and manage data retention/anonymization while tracking legal standards. Requires 4+ years software experience, 2+ years in privacy/security.

185k – 375k/yr
Hybrid4+ YOESecurity Engineering
Rula

Manager, Security Operations

RulaLos Angeles, CA

Lead and manage a security operations team responsible for detection, incident response, and security automation while coaching engineers and managing vendor relationships. Requires 5+ years in security operations and 2+ years of people management experience.

194k – 217k/yr
Remote5+ YOESecurity Engineering
OpenAI

Security Engineer, Infrastructure Security

OpenAISan Francisco, CA +3

Designs and builds security controls for infrastructure including GPU clusters, multi-cloud setups, datacenters, Kubernetes, and networks to protect AI models and data from advanced threats. Requires deep security expertise, cloud platform knowledge, and proactive problem-solving across on-prem and cloud environments.

184k – 385k/yr
RemoteSecurity Engineering