At Brightspot®, we believe technology should enable content-focused teams to work smarter, faster, and more seamlessly to move businesses forward. Our world-class delivery team has decades of collective experience supporting digital transformation efforts for some of the world’s most well-known companies – from eCommerce brands and media organizations to corporate businesses. Brightspot prides itself on being a leading content management system built to grow and adapt to any business.
We are hiring a Security Engineer to help us elevate our platform’s security posture. This is a hands-on, high-impact role for someone who enjoys being a practitioner, not just a policy-writer.
You will sit across our Platform, Engineering, and Infrastructure teams and drive accountability for delivering a secure product to our customers. You will identify security gaps, automate guardrails, push issues to resolution, and articulate risk clearly to both technical and non-technical stakeholders.
If you’re someone who likes ownership, autonomy, and solving complex security challenges end-to-end, this role will give you room to make a real impact.
Responsibilities
Lead and continuously improve Brightspot’s security posture across infrastructure, applications, and internal systems by designing secure architectures, identifying and remediating vulnerabilities, strengthening authentication and secret management practices, and implementing effective network and firewall controls.
Embed security into engineering workflows by integrating controls into CI/CD and QA pipelines, automating guardrails and monitoring through scripting and Infrastructure-as-Code practices, and improving alerting and production observability.
Operationalize compliance and risk management efforts, including SOC 2 Type 2 controls, ensuring security processes are implemented in practice while evaluating and strengthening existing tooling and overall security maturity.
Partner closely with Engineering, Platform, QA, and IT teams to communicate risks clearly, implement practical security solutions, and establish security as a shared responsibility across the organization.
Qualifications
5+ years of hands-on experience in security engineering in a software development environment
Demonstrated experience designing and implementing security architecture across application and infrastructure layers
Strong scripting and coding skills to automate security controls and workflows
Experience securing cloud environments (AWS, Azure, or GCP) and working within modern DevOps pipelines
Experience with Infrastructure as Code (Terraform or similar) and secure configuration practices
Deep understanding of network security, including firewalls, segmentation, and secure configuration management
Proven track record of identifying vulnerabilities and driving remediation through completion in fast-paced environments
Ability to clearly communicate technical risks and remediation plans to both engineering teams and non-technical stakeholders
Strong knowledge of secret management solutions (e.g., Vault, cloud-native secret managers)
Compensation & Benefits
The starting salary range for this role is $125,000 with bonus potential.
Benefits include health, dental, and vision insurance, 3 weeks paid vacation, paid sick leave, paid company holidays, Safe Harbor 401(k) with employer matching, continuing education stipend, and a 3-week paid sabbatical after your 5th anniversary.
Hybrid Expectations
This is a hybrid position. Candidates are expected to work on-site at our Reston or Chicago office 2 days per week.
At Brightspot®, we value diversity and strive to create an inclusive environment where all employees can thrive. We are an equal opportunity employer and welcome applicants from all backgrounds and experiences.