Own and continuously improve Brightspot’s overall security posture across platform, infrastructure, and internal systems
Conduct a comprehensive security audit of the Brightspot ecosystem and define a roadmap for strengthening security practices
Lead and maintain security compliance initiatives including SOC 2, GDPR, and other enterprise security frameworks
Design and implement security architecture, controls, and automation across cloud infrastructure and development workflows
Build and operate internal security monitoring and incident response capabilities
Implement and manage firewalls, access controls, secrets management, and network security policies
Partner with Engineering and Infrastructure teams to ensure secure software development and deployment practices
Support the Sales organization in enterprise and government sales cycles, positioning Brightspot as an industry-leading secure platform
Work directly with enterprise and government customers to address security reviews, audits, and technical due diligence
Establish clear security metrics, reporting, and improvement plans
Lead and mentor security team members as the function grows

Requirements

15+ years of deep hands-on experience in security engineering or infrastructure security
Proven experience implementing and operating security programs, not just writing policies
Expertise in cloud security environments (AWS or equivalent)
Experience leading security compliance initiatives such as SOC 2, GDPR, or similar frameworks
Strong technical understanding of network security, firewalls, access control, and secrets management
Experience building or improving security monitoring, incident response, or SOC operations
Ability to work closely with engineering teams and translate security requirements into practical implementation, including the use and evaluation of open-source security tooling
Experience supporting enterprise security reviews and customer-facing technical discussions
Demonstrated ability to identify risks and drive issues through to resolution
Excellent communication skills with both technical and non-technical stakeholders
Must hold security certifications such as CISSP, CISM, or equivalent.

Benefits

Health, dental, and vision insurance
3 weeks paid vacation
Paid sick leave
Paid company holidays
Safe Harbor 401(k) with employer matching
Continuing education stipend
3-week paid sabbatical after your 5th anniversary

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

security engineeringinfrastructure securitycloud securitynetwork securityfirewallsaccess controlsecrets managementsecurity monitoringincident responseSOC operations

Soft Skills

communication skillsleadershipmentoringproblem-solvingcollaboration

Certifications

CISSPCISM