Lead and continuously improve Brightspot’s security posture across infrastructure, applications, and internal systems by designing secure architectures, identifying and remediating vulnerabilities, strengthening authentication and secret management practices, and implementing effective network and firewall controls.
Embed security into engineering workflows by integrating controls into CI/CD and QA pipelines, automating guardrails and monitoring through scripting and Infrastructure-as-Code practices, and improving alerting and production observability.
Operationalize compliance and risk management efforts, including SOC 2 Type 2 controls, ensuring security processes are implemented in practice while evaluating and strengthening existing tooling and overall security maturity.
Partner closely with Engineering, Platform, QA, and IT teams to communicate risks clearly, implement practical security solutions, and establish security as a shared responsibility across the organization.
Requirements
5+ years of hands-on experience in security engineering in a software development environment
Demonstrated experience designing and implementing security architecture across application and infrastructure layers
Strong scripting and coding skills to automate security controls and workflows
Experience securing cloud environments (AWS, Azure, or GCP) and working within modern DevOps pipelines
Experience with Infrastructure as Code (Terraform or similar) and secure configuration practices
Deep understanding of network security, including firewalls, segmentation, and secure configuration management
Proven track record of identifying vulnerabilities and driving remediation through to completion in fast-paced environments
Ability to clearly communicate technical risks and remediation plans to both engineering teams and non-technical stakeholders