Security Engineer @ Ben

Our Mission

We’re not your average benefits platform — we’re the driving force that uplifts people’s lives. Our technology connects the entire benefits ecosystem, creating better outcomes for employers, employees, brokers, and providers.

Our mission is clear: to build a world where everything works at its best, ensuring every employee gets the support they need to thrive—both at work and beyond.

Your Mission

As a Security Engineer at Ben you will shape Infosec across the domains of infrastructure, product, and compliance. You’ll be a key technical contributor in a small, high-impact team - with direct mentorship from our Head of Infosec and the autonomy to take full ownership of key projects.

We value self-starters who are eager to take on ownership, in a supportive environment where you can make a real impact while developing your skills. Our culture emphasises work-life balance, so while we work hard to ship on time, we also take downtime and relaxation seriously.

Things you will be working on…

• Take ownership of existing security tooling, and implement new ones (e.g. endpoint protection, MDM, access controls), ensuring they’re effectively configured, maintained, and evolving as the business grows
• Embed secure-by-design practices into the development lifecycle across engineering, including secure coding, threat modeling, and design reviews
• Monitor systems for irregular behavior and proactively design detection and prevention mechanisms
• Ensure infrastructure and applications align with generally accepted industry standards, such as the OWASP Top 10 and the AWS Well-Architected Framework
• Conduct and lead risk assessments, including third-party/vendor reviews and internal evaluations
• Document and maintain security policies, procedures, and controls as part of our ISO 27001-certified Information Security Management System (ISMS)

You will love this role if you have…

• Hands-on experience deploying and managing security tooling - such as EDR, MDM, ZTNA, or vulnerability scanners, and enjoy solving problems at the implementation level
• Worked with Microsoft’s security ecosystem, including Entra ID (Azure AD), Intune, and Defender, and feel confident navigating other vendors’ enterprise tooling
• Solid foundations in networking, systems, and cloud infrastructure, and understand how to apply industry standards (e.g. OWASP Top 10, AWS Well-Architected) to real-world scenarios
• Experience reviewing and improving product and infrastructure security, including secure SDLC practices like threat modelling, secure code review, or CI/CD hardening
• Familiarity with compliance frameworks such as ISO 27001 or SOC 2, and the ability to translate technical controls into well-documented policies and audit-ready evidence
• Experience automating repetitive security tasks (e.g. with Python, PowerShell, or Bash) or integrating tools via APIs to improve efficiency and reduce manual work
• A bias toward proactive risk reduction, not just fixing bugs - you think holistically about controls, people, and processes that improve security posture
• A generalist mindset - you’re comfortable working across infrastructure, product, and compliance domains, even if you’re deeper in one

You will not love this role if you….

• Want to only do policy work or only implementation - this is a hands-on, full-spectrum security role where you'll work across engineering and compliance
• Need a slow pace to feel comfortable - we move fast, and we prioritise action, even when the path isn’t perfectly clear
• Are uncomfortable being accountable for outcomes - this role involves owning projects end-to-end and being responsible for making them succeed
• Prefer maintaining the status quo - we want to challenge assumptions, rethink how security is done, and push for better ways of working
• Prefer a highly structured environment with established processes and clearly defined boundaries - we’re still building, and sometimes that means creating the path as we go
• Struggle with ambiguity or expect prescriptive direction - you’ll get support and context, but you’ll need to figure things out and take ownership
• Wait for others to step up, or to be told what to do - We are a high-performance and high-reward work place and are looking for people who are proactive

Our Compensation & Benefits

• Competitive base salary + equity, so you own what you build
• £100 monthly personal Ben Balance: for whatever works for you, whether that's Netflix, Spotify, or a really expensive cup of coffee! This allowance will increase by £50 for each year of service until you reach £250
• Weekly lunch provided in office so you can spend quality time with the team over some tasty food!
• 28 days of holidays a year plus bank holidays, and an option to buy or sell 5 days per year. Also, your holiday entitlement will increase to 30 days at your 3rd year of service!
• Work-from-abroad scheme, so you can support your travels, enjoy an extended holiday, or visit loved ones.