Security Engineer

Job Description

Job Description

At Brightspot®, we believe technology should enable content-focused teams to work smarter, faster, and more seamlessly to move businesses forward. Our world-class delivery team has decades of collective experience supporting digital transformation efforts for some of the world’s most well-known companies – from eCommerce brands and media organizations to corporate businesses. Brightspot prides itself on being a leading content management system built to grow and adapt to any business.

We are hiring a Security Engineer to help us elevate our platform’s security posture. This is a hands-on, high-impact role for someone who enjoys being a practitioner, not just a policy-writer.

You will sit across our Platform, Engineering, and Infrastructure teams and drive accountability for delivering a secure product to our customers. You will identify security gaps, automate guardrails, push issues to resolution, and articulate risk clearly to both technical and non-technical stakeholders.

If you’re someone who likes ownership, autonomy, and solving complex security challenges end-to-end, this role will give you room to make a real impact.

Responsibilities

• Lead and continuously improve Brightspot’s security posture across infrastructure, applications, and internal systems by designing secure architectures, identifying and remediating vulnerabilities, strengthening authentication and secret management practices, and implementing effective network and firewall controls.
• Embed security into engineering workflows by integrating controls into CI/CD and QA pipelines, automating guardrails and monitoring through scripting and Infrastructure-as-Code practices, and improving alerting and production observability.
• Operationalize compliance and risk management efforts, including SOC 2 Type 2 controls, ensuring security processes are implemented in practice while evaluating and strengthening existing tooling and overall security maturity.
• Partner closely with Engineering, Platform, QA, and IT teams to communicate risks clearly, implement practical security solutions, and establish security as a shared responsibility across the organization.

Qualifications

• 5+ years of hands-on experience in security engineering in a software development environment. Demonstrated experience designing and implementing security architecture across application and infrastructure layers
• Strong scripting and coding skills to automate security controls and workflows
• Experience securing cloud environments (AWS, Azure, or GCP) and working within modern DevOps pipelines
• Experience with Infrastructure as Code (Terraform or similar) and secure configuration practices
• Deep understanding of network security, including firewalls, segmentation, and secure configuration management
• Proven track record of identifying vulnerabilities and driving remediation through completion in fast-paced environments
• Ability to clearly communicate technical risks and remediation plans to both engineering teams and non-technical stakeholders
• Strong knowledge of secret management solutions (e.g., Vault, cloud-native secret managers)

Compensation & Benefits

• The starting salary range for this role is $125,000 with bonus potential.
• Benefits include health, dental, and vision insurance, 3 weeks paid vacation, paid sick leave, paid company holidays, Safe Harbor 401(k) with employer matching, continuing education stipend, and a 3-week paid sabbatical after your 5th anniversary

Hybrid Expectations

• This is a hybrid position. Candidates are expected to work on-site at our Reston or Chicago office 2 days per week.

At Brightspot®, we value diversity and strive to create an inclusive environment where all employees can thrive. We are an equal opportunity employer and welcome applicants from all backgrounds and experiences.

Visit to learn more about our story and solutions!

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.