Lead Security Engineer
$190k - $230kBenepass
About Us At Benepass we're making benefits easy. We believe people are the most important asset to any company. Traditional one-size-fits-all benefits packages no longer cut it in today's hybrid and remote-first environment. With Benepass, companies can tailor their benefits to the unique needs of their workforce. Through our easy-to-use and highly customizable fintech platform, People teams can implement, administer, and track the benefits that meet employees where they are. Employers design their benefits and perks plan by setting a contribution amount and eligible spend categories. Every employee has their own individual definition of wellness and needs different things to help them be their most productive, fulfilled self. Our Mission Helping companies reimagine how companies take care of their people. Our Investors We are backed by leading investors, including Centana Growth Partners, Portage Ventures, Threshold Ventures, Gradient Ventures, Workday Ventures, and Clocktower Technology Ventures. To date, the company has raised approximately $75 million in equity capital. Articles
At Benepass, we are working towards reimagining how companies take care of their people. We are committed to creating an inclusive environment for all our employees and are seeking to build a team that reflects the diversity of the people we hope to serve with our revolutionary products. Benepass is proud to be an equal-opportunity employer.
- Founder Story - Jaclyn Chen
- Benepass Raises $40M Series B
- Benepass | Candidate Resource Page
- Benepass Listed on Inc. Magazine's Best Workplaces of 2023
- Security Engineering Technical Lead: You have operated as a senior IC or technical lead for security engineering work, setting strategy while staying hands-on with design reviews, code, automation, tooling, and operational follow-through.
- Application Security Builder: Deep experience with secure SDLC practices, shift-left security, threat modeling, API security, SAST/code scanning, CI/CD security integrations, security QA, vulnerability management, and developer-friendly security UX.
- Cloud Security Partner: Comfortable partnering with Platform Engineering on IAM, KMS, CloudTrail, GuardDuty, Security Hub, VPC and network segmentation, WAF, Secrets Manager, RDS, S3, infrastructure-as-code security, container security, and continuous cloud posture management.
- Security Architecture Partner: Able to reason about access control, encryption standards, certificate management, vaulting, key management, HSM/KMS-backed cryptography, secure system builds, DDoS/WAF/network design, and detection engineering in a modern SaaS environment.
- Supply Chain Security Owner: Experienced improving dependency management, SBOM generation, artifact signing, secret scanning, third-party risk input, CI/CD hardening, and the security of build and release pipelines.
- Program Builder: Familiar with NIST CSF 2.0 as a practical maturity framework and able to use OWASP SAMM to shape application security and engineering maturity.
- Developer Enablement Mindset: You treat security as an engineering enablement function, building scalable guardrails, paved roads, documentation, training, security champions, and feedback loops that help teams move faster with less risk.
- AI Security Pragmatist: You can help define secure AI tooling usage, LLM and code-assistant governance, and data protection practices for AI-enabled development workflows without blocking useful experimentation.
- Pragmatic Risk Manager: You can balance ideal security outcomes with engineering velocity and business priorities, making clear tradeoffs and prioritizing the risks that matter most for a growing startup.
- Experience: 7+ years in security engineering, application security, cloud security, product security, platform security, or closely related technical security roles, ideally in a high-growth SaaS or technology company.
- Technical Leadership: Proven ability to lead broad security engineering initiatives as a senior IC, influence cross-functional technical decisions, and move work from strategy to production implementation.
- Application Security: Strong working knowledge of secure SDLC practices, secure design review, threat modeling, API security, code scanning, SAST, CI/CD security integrations, security testing, defect management, and vulnerability remediation workflows.
- AWS Security: Hands-on experience with AWS-native security patterns and services, including IAM, KMS, CloudTrail, GuardDuty, Security Hub, VPC segmentation, WAF, Secrets Manager, S3/RDS encryption, infrastructure-as-code security, container orchestration security, and cloud posture management.
- Architecture & Cryptography: Ability to guide secure system builds involving access control, encryption standards, key and certificate management, vaulting, secrets management, and managed HSM/KMS-backed cryptographic services.
- Supply Chain & CI/CD Security: Experience hardening build, test, and deployment workflows through dependency scanning, SBOMs, artifact signing, secret scanning, CI/CD guardrails, least-privilege automation, and container security controls.
- Security Program Maturity: Ability to use frameworks such as NIST CSF 2.0 and OWASP SAMM pragmatically to assess current state, sequence improvements, define metrics, and mature security practices iteratively.
- Communication & Education: Clear communicator who can partner with engineering, product, platform, compliance, and business teams; write practical guidance; teach developers; and create durable security champions programs.
- Execution Discipline: Strong judgment in prioritizing technical risk reduction, managing ambiguity, documenting decisions, and building lightweight processes that scale with the company.
- Experience securing fintech, benefits, payroll, payments, or other regulated SaaS platforms that process PII, financial data, HRIS data, transaction data, or customer administrative workflows.
- Familiarity with SOC 2, HITRUST, PCI, or similar compliance and audit programs, with the ability to support evidence and control design while staying focused on technical risk reduction.
- Experience with AWS serverless and managed-service architectures, including API Gateway, Cognito, Lambda, ECS/EKS, RDS, S3, Transfer Family, CloudFront, and event-driven security monitoring patterns.
- Background with mobile application security for iOS and Android, including secure token handling, platform keychain/keystore patterns, OTA update risk, and mobile API abuse prevention.
- Experience with detection-as-code, SIEM/SOAR workflows, security data pipelines, incident response automation, or measurable improvements to alert quality and response readiness.
- Hands-on experience with Terraform, CloudFormation, CDK, policy-as-code, CSPM/CWPP tools, container image scanning, runtime security, or Kubernetes/ECS hardening.
- Experience designing developer education, secure coding workshops, security champions programs, or other scalable practices that improve security outcomes without slowing delivery.
- Experience defining practical governance for LLMs, AI coding assistants, prompt/data handling, model/tool approval, and sensitive data protection in AI-enabled software development workflows.
- 95% coverage of medical, dental, and vision
- Fantastic benefits (of course ), including:
- $250 WFH setup (one time)
- $500/year Learning & Development Benefit
- $150/month cell phone + internet
- $100/month Wellness
- $100/month Co-working and Commuter Benefit
- We offer several team onsites a year
- Flexible PTO
At Benepass, we are working towards reimagining how companies take care of their people. We are committed to creating an inclusive environment for all our employees and are seeking to build a team that reflects the diversity of the people we hope to serve with our revolutionary products. Benepass is proud to be an equal-opportunity employer.
Vacancy posted 3 days ago
Similar jobs that could be interesting for youBased on the Lead Security Engineer in United States vacancy
- ...where you'll be a key part of a high-performing team delivering secure software solutions. Make a real impact as you help shape the... ...the world's largest and most influential companies. As a Lead Security Engineer at JPMorgan Chase within the Cybersecurity Technology &...Suggested
- ...of a world-renowned company and make a direct and meaningful impact in a space designed for top performers. As a Senior Lead Security Engineer at JPMorganChase within the Cybersecurity and Technology Controls line of business, you are an integral part of an agile team...Suggested
- ...infrastructure. Make a real impact as you help shape the way secure communications are configured, tested, and deployed across... ...the world's largest and most influential companies. As a Lead Security Engineer at JPMorgan Chase within the CTC Emerging Technologies Security...Suggested
- ...As a member of the Emerging Technologies Security group within the Cybersecurity &... ...cryptographers and a group of passionate security engineers to solve complex security problems and... ...Responsibilities: Research & Development: Lead the analysis and use of cryptographic...Suggested
- ...cybersecurity team where your expertise in cryptographic infrastructure and secure hardware directly protects the financial systems trusted by millions of people around the globe. As a Sr Lead Security Engineer at JPMorganChase within the Cybersecurity & Technology Controls...Suggested
- ...of a world-renowned company and make a direct and meaningful impact in a space designed for top performers. As a Senior Lead Security Engineer at JPMorgan Chase within Cybersecurity and Technology Controls, you are an integral part of an agile team that delivers secure...
- ...where you'll be a key part of a high-performing team delivering secure software solutions. Make a real impact as you help shape the... ...of the world's largest and most influential companies. As a Lead Security Engineer at JPMorgan Chase within the Cybersecurity & Technology...
- ...of a world-renowned company and make a direct and meaningful impact in a space designed for top performers. As a Senior Lead Security Engineer at JPMorganChase within the, you are an integral part of an agile team that works to deliver software solutions that satisfy...For contractors
- ...collaborating with J.P. Morgan to connect them with exceptional professionals for this role. JOB DESCRIPTION As a Senior Lead Software Security Engineer at JPMorganChase, you are an integral part of an agile team that works to enhance, build, and deliver trusted...For contractors
$127.5k - $276.2k
...Lead Security Engineer Category: Software Development/ Engineering Main location: United States, District of Columbia, Washington Position ID: J0626-1754 Employment Type: Full Time Position Description: The Lead Security Engineer is the enterprise...Full timeWork at officeLocal area$120k - $190k
...Lead Security Engineer, #1073 Security Requirement: U.S. Citizenship required Work Location: Suitland, MD We are seeking a Subject Matter Expert (SME)-level Lead Security Engineer to lead application security across a large-scale, cloud-native...Work at officeRemote workFlexible hours- ...Security Engineer III The Security Engineer III is the enterprise technical authority for advanced cybersecurity engineering, Zero Trust... ...efforts across Treasury's hybrid cloud ecosystem. This role leads transformative engineering initiatives to implement secure architectures...Work at office
- ...Lead Security Engineer This position supports Revolutional's federal customer as part of an application transformation and modernization initiative. This program is driving a large-scale transformation of systems into a data-centric, cloud-native ecosystem capable...For contractors
- ...Labcorp is seeking a Lead Network Security Engineer – Palo Alto to join our team at our Durham, NC location! Location Durham, NC. Applicants who live within 35 miles of Durham, NC location will follow a hybrid schedule. This schedule includes a minimum of three in office...Full timeWork at officeRemote workMonday to FridayFlexible hoursDay shift3 days per week
- ...environment. About Gartner IT Join a world‑class team of skilled engineers who build creative digital solutions to support our... ...great ideas can come from anyone on the team. About the Role The Lead Security Engineer will support Gartner’s AppSec function, executing daily...ApprenticeshipImmediate startWork from homeFlexible hours
- ...Lead Security Engineer Job Description Overview CoStar Group is a leading global provider of commercial and residential real estate information, analytics, and online marketplaces. Included in the S&P 500 Index, CoStar Group is on a mission to digitize the world’s real...Full timeWork at officeWork from homeMonday to Thursday
$239k - $263k
...The Opportunity Join the team securing the platform that helps millions of people move beyond... ...musculoskeletal pain. As Hinge Health’s engineering organization embraces AI-assisted... ...and MCP gateway integrations — we need a Lead Security Engineer who will build the security...Local area$121.79k - $166.95k
...Twitter , YouTube and Instagram . Position Summary: We have an exciting opportunity to join our team as a Lead Engineer - Network Security Systems. Reporting to the Director of Network Security Systems Engineering, the Lead Engineer of Network...$170.9k - $241.4k
...What you'll do Join our Cloud & Infrastructure Security team as a Technical Leader to define the strategy, lead the programs, deliver automation, and drive the... ...supporting response and remediation efforts with engineering teams Establish technical security baselines and...Contract workWork at officeLocal areaRemote work2 days per week- ...bureaucracy. We eagerly learn new tools and new science to push forward our mission. About the Role You will lead, design, build, and operate security engineering at Periodic Labs. You will secure the systems that power our research and operations, including cloud...Remote work
- ...Job Summary As a Senior Lead AI Security Engineer in our Cybersecurity team, you will design and deliver secure artificial intelligence solutions that support critical cyber use cases. You will play a key role in shaping platform standards and governance, collaborating...Work at office
- ...where you'll be a key part of a high-performing team delivering secure, scalable cloud network perimeter solutions. Make a real... ...the world's largest and most influential companies. As a Lead Security Engineer at JPMorganChase within the Cloud Edge Proxy team, you will...
- ...assets to the mainstream, consider building your career at Paxos Labs. We believe security is critical to our culture and long term success. We are hiring a Lead Security Engineer to help take Paxos Labs's security capabilities to the next level. Who we're looking...Contract work
- ...Job Title Leading the creation, improvement and education of security policies, procedures, standards, and practices. Leading the implementation, management, and monitoring of core security infrastructure. Leading the detection, mitigation and resolution of security...
- ...owning the outcome, and driving organizational change to transform how we work. Job Description We are seeking a Lead Security Engineer with deep experience securing enterprise systems, cloud platforms, and agent-based AI development environments at scale....Permanent employmentWork experience placementH1bLocal area
- ...Lead Security Engineer CodeRabbit is an innovative research and development company focused on building extraordinarily productive human-machine collaboration systems. Our primary goal is to create the next generation of Gen AI-driven code reviewers: a symbiotic partnership...Remote workShift work
- ...Lead Security Engineer (Consultant) As a Lead Security Engineer (Consultant) in Kainos, you will be responsible for leading our security engineering and security testing efforts across Kainos Platforms and Services. They will set direction on our security testing methodology...Remote work
- ...Job Summary As a Senior Lead AI Security Engineer in our Cybersecurity team, you will design and deliver secure artificial intelligence solutions that support critical cyber use cases. You will play a key role in shaping platform standards and governance, collaborating...Work at office
- ...Senior Lead Security Engineer The ideal candidate for this role must have a minimum of 5 years of experience with Cisco Firepower Firewall, strong understanding of network security protocols, and experience with network engineering and infrastructure projects. Additionally...
$200k - $300k
...Lead Security Engineer We are looking for a lead security engineer to stand up and own security at a company building category-defining products. Our problems span safe deployment of AI agents, multi-party workflow automation, identity, risk, and large-scale data,...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Lead Security Engineer. Be the first to apply!
Related searches
- lead industrial engineer United States
- lead mobile developer United States
- mainframe lead developer United States
- lead support engineer United States
- lead commissioning engineer United States
- lead angular developer United States
- lead product engineer United States
- lead automation engineer United States
- lead ios engineer United States
- lead quality engineer United States


