Brightwell Logo

Cybersecurity Engineer

🇺🇸 United States - Remote
🔒 Cybersecurity🔵 Mid-level

Job Description

What We Do

Brightwell is a pioneering payments company dedicated to providing innovative solutions and technology for global money transfers while navigating the intricate landscape of regulatory requirements. Through strategic partnerships and technological advancements, Brightwell facilitates cross-border payments, offering a range of options including bank transfers, mobile wallets, and cash transactions, empowering businesses and individuals to seamlessly manage and move money worldwide.

Who We Need

We’re searching for a senior Cybersecurity Engineer to play a key role in our security and compliance programs. You’ll balance hands-on security engineering with compliance program management, working closely with our Chief Compliance Officer and General Counsel on risk decisions and audit matters.

You’ll lead SOC2 Type II and PCI DSS program execution (~50% of your time) while conducting security assessments, penetration testing, and vulnerability management across our applications and Azure infrastructure (~50% of your time). You should be the security subject matter expert who can independently drive programs while partnering with our CCO on compliance strategy.

This role is perfect for a seasoned security professional who thrives at balancing compliance rigor with hands-on security work.  You’ll write control narratives for auditors in the morning and pentest APIs in the afternoon. Reporting to the VP of Engineering within IT Operations, you’ll have direct access to our Chief Compliance Officer and General Counsel for compliance matters and risk decisions.

**This is a HYBRID position based in Atlanta, GA. Candidates will be expected in the office a minimum of two days per week.

What You’ll Do

SOC2 & PCI Compliance Programs (~50%):

  • Own SOC2 Type II program execution, including control design, audit preparation, and evidence collection in partnership with our Chief Compliance Officer
  • Develop and maintain information security policies, procedures, and control narratives aligned with SOC2 Trust Services Criteria and PCI DSS requirements
  • Lead risk assessments and security audits, ensuring documentation meets industry and regulatory requirements
  • Create and maintain technical documentation (network diagrams, system architecture, data flows) and conduct internal control testing
  • Serve as primary technical liaison with external auditors and manage PCI vulnerability scans and penetration testing

Application & Infrastructure Security (~50%):

  • Conduct threat modeling, security assessments, and penetration testing of Azure-based applications and APIs, including code reviews focused on authentication, authorization, and data protection
  • Review, validate, and design security controls across Azure infrastructure, including Network Security Groups, firewalls, Azure AD/Entra ID, and Key Vault
  • Manage and optimize security tools (endpoint protection, SIEM, vulnerability scanners, automated testing platforms) and coordinate continuous vulnerability scanning and remediation with development and infrastructure teams
  • Investigate and respond to security incidents with root cause analysis and implement preventive measures
  • Partner with DevOps to integrate security into CI/CD pipelines
  • Evaluate and implement new security and automation technologies
  • Provide security training and guidance to promote a strong security culture

As an Cybersecurity Engineer, you have

  • Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience)
  •  7+ years of hands-on information security experience, preferably in financial services or highly regulated environments
  • Proven experience managing SOC2 Type II and PCI DSS compliance programs, including control design, policy development, and audit coordination
  • Strong technical skills in penetration testing, vulnerability assessments, and security code reviews
  • Experience with Azure security (Network Security Groups, Azure AD, Key Vault, Security Center) and security tooling (SIEM, vulnerability scanners, endpoint protection)
  • Experience investigating and responding to security incidents with strong analytical and problem-solving skills
  • Excellent communication skills with the ability to explain technical security concepts to both technical and non-technical stakeholders
  • Proven ability to work independently as a security subject matter expert
  • Security certifications (CISSP, OSCP, CEH, GIAC, or Azure Security) are preferred but not required

What We’re Offering in Return

  • Empowered Work: Own your work and grow your career with real autonomy and impact
  • Hybrid Flexibility: 3 days remote, 2 days in our Atlanta office at the Battery
  • Global Impact: Join a passionate team building mission-critical tools for people around the world
  • Great Benefits: Medical, dental, vision, disability, 401(k), paid parental leave, PTO, and more
  • Supportive Environment: Thrive in a collaborative, inclusive workplace that values innovation and continuous learning

Brightwell is an equal opportunity employer (EOE) committed to employing a diverse workforce and sustaining an inclusive culture.

Share this job:
Please let Brightwell know you found this job on Remote First Jobs 🙏

1704 similar remote jobs

Explore latest remote opportunities and join a team that values work flexibility.

View all jobs
Visa logo

Cybersecurity Engineer Regulatory Audit and Compliance

Visa

$137k-$212k Yesterday
Netcompany logo

Senior Cybersecurity Engineer

Netcompany

3 Days ago
Dark Wolf Solutions logo

Cybersecurity Engineer

Dark Wolf Solutions

$145k-$165k 4 Days ago
CSC Generation logo

Senior Cybersecurity Engineer

CSC Generation

4 Days ago
Click Therapeutics, Inc. logo

Cybersecurity Engineer

Click Therapeutics, Inc.

$260k-$280k 5 Days ago
Visa logo

Staff Cybersecurity Engineer

Visa

5 Days ago

Remote companies like Brightwell

Find your next opportunity with companies that specialize in Finance, Fintech, Remittances, and Payments. Explore remote-first companies like Brightwell that prioritize flexible work and home-office freedom.

All companies
Ripple Logo

Offers critical services for financial institutions and payment providers in a crypto-enabled, global environment.

2 open positions →
Monex Securities, Inc Logo

Monex Securities, Inc

11-50 www.monexusa.com

Provides global payments, foreign exchange risk management, and investment services

View company profile →
Current Logo

Current

51-200 current.com

Financial technology platform

View company profile →
OpenPayd Logo

OpenPayd

51-200 www.openpayd.com

Builds universal financial infrastructure for global money movement across fiat and digital assets through a single API.

3 open positions →
Purple Technology Logo

Purple Technology

51-200 www.purple-technology.com

Provides technology and expert services for Forex brokers worldwide, specializing in online trading solutions since 2011.

View company profile →
NMI Logo

NMI

201-500 www.nmi.com

Global leader in payments

View company profile →

Project: Career Search

Rev. 2026.2

[ Remote Jobs ]
Direct Access

We source jobs directly from 21,000+ company career pages. No intermediaries.

Search Jobs Post a Job
01

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

02

Advanced Filters

Filter by category, benefits, seniority, and more.

03

Priority Job Alerts

Get timely alerts for new job openings every day.

04

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

21,000+ SOURCES UPDATED 24/7
Apply