openashbyhqgradient
Lead Security Engineer
Benepass
LocationU.S Remote
WorkplaceFull
EmploymentFullTime
Posted2026-05-20T17:26:13.370+00:00
Last observed2026-06-13 05:23:14.169311
Job idgradient-benepass:ashbyhq:3a24feec-cf36-400c-a508-a52707acc87a
ABOUT US At Benepass we're making benefits easy. We believe people are the most important asset to any company. Traditional one-size-fits-all benefits packages no longer cut it in today's hybrid and remote-first environment. With Benepass, companies can tailor their benefits to the unique needs of their workforce. Through our easy-to-use and highly customizable fintech platform, People teams can implement, administer, and track the benefits that meet employees where they are. Employers design their benefits and perks plan by setting a contribution amount and eligible spend categories. Every employee has their own individual definition of wellness and needs different things to help them be their most productive, fulfilled self. OUR MISSION Helping companies reimagine how companies take care of their people. OUR INVESTORS We are backed by leading investors, including Centana Growth Partners, Portage Ventures, Threshold Ventures, Gradient Ventures, Workday Ventures, and Clocktower Technology Ventures. To date, the company has raised approximately $75 million in equity capital. ARTICLES - Founder Story - Jaclyn Chen https://bit.ly/3FpQ0ti - Benepass Raises $40M Series B https://getbenepass.com/blog/benepass-raises-40m-series-b-to-help-employers-redesign-benefits-for-rising-healthcare-costs CANDIDATE RESOURCES - Benepass | Candidate Resource Page https://docs.google.com/document/d/1_OTFvktl-2SoxPn_tkZzyHECSKM0V14hVZOy1ZdZ8zE/edit?usp=sharing - Benepass Listed on Inc. Magazine's Best Workplaces of 2023 https://bit.ly/3EAXv0Q TEAM & ROLE As a Lead Security Engineer at Benepass, you will build, operationalize, and scale the security engineering practices that protect our benefits platform and the sensitive employee, benefits, and financial data it processes. You will work across application security, cloud security, security architecture, supply chain security, detection engineering, and vulnerability management, balancing security depth with the speed and pragmatism required at Benepass. Reporting to the Head of Infosec & GRC, you will be a senior individual contributor and technical lead with broad influence across Engineering, Product, Platform, and Compliance. You will partner deeply with the teams building our web and mobile applications, backend services, system integrations, card and banking workflows, infrastructure as code, and data platforms to turn risk reduction into scalable guardrails, automated controls, and clear engineering guidance. You are a builder and security partner at heart - someone who can set direction and mature security capabilities. You know when to introduce strong standards, when to ship incremental improvements, and how to make secure paths the easiest paths for engineers without turning security into a centralized approval queue. ROLE LOCATION & TRAVEL This remote role is based in the United States or Canada. You will be expected to attend company-wide on-site events three to four times per year, as well as occasional on-site office travel as necessary. ABOUT YOU - Security Engineering Technical Lead: You have operated as a senior IC or technical lead for security engineering work, setting strategy while staying hands-on with design reviews, code, automation, tooling, and operational follow-through. - Application Security Builder: Deep experience with secure SDLC practices, shift-left security, threat modeling, API security, SAST/code scanning, CI/CD security integrations, security QA, vulnerability management, and developer-friendly security UX. - Cloud Security Partner: Comfortable partnering with Platform Engineering on IAM, KMS, CloudTrail, GuardDuty, Security Hub, VPC and network segmentation, WAF, Secrets Manager, RDS, S3, infrastructure-as-code security, container security, and continuous cloud posture management. - Security Architecture Partner: Able to reason about access control, encryption standards, certificate management, vaulting, key management, HSM/KMS-backed cryptography, secure syste
This page is generated from the committed OpenOpps static snapshot. Use the source posting or apply link for the employer's current canonical posting state.