Lead Security Engineer and Data Protection Officer

at BrightAI
  • Remote - United States

Remote

Cybersecurity

Senior

Job description

Lead Security Engineer & Data Protection Officer (DPO)

Location: Remote

Reports to: VP of Cloud and Mobile

About the Role

We’re seeking a Lead Security Engineer who will also serve as the company’s Data Protection Officer (DPO). This dual role combines deep technical leadership in software and hardware security with accountability for data privacy, compliance, and protection practices. You’ll drive security architecture, incident response, and compliance with standards like SOC 2 and GDPR, while also guiding the organization’s responsibilities for data subject rights and privacy-by-design.

Key Responsibilities

Security Engineering & Architecture

  • Own the security posture of the company across software, hardware, infrastructure, and third-party services.
  • Partner with engineering teams to review designs and ensure secure implementation practices.
  • Lead threat modeling and secure development lifecycle (SDLC) processes.
  • Build and maintain internal tooling and automation to support security operations.
  • Coordinate penetration testing and managing the response to the results.

Security Operations & Incident Response

  • Serve as the escalation point for security incidents and coordinate response efforts.
  • Maintain and improve logging, monitoring, and alerting systems.
  • Conduct root cause analyses and lead post-mortem reviews for security events.

Compliance & Risk Management

  • Lead SOC 2 Type II and GDPR compliance initiatives.
  • Manage third-party risk assessments and vendor security reviews.
  • Define, maintain, and socialize internal security and privacy policies.
  • Oversee employee security awareness training and audits.

Data Protection Officer (DPO) Responsibilities

  • Monitor compliance with GDPR and other data protection laws.
  • Advise internal teams on privacy impact assessments (DPIAs), data retention, and lawful bases for processing.
  • Serve as the primary point of contact for data subject requests (DSARs) and supervisory authorities.
  • Ensure privacy-by-design is embedded into engineering and product development.
  • Leading the process of responding to security questionnaire from vendors and companies who use us as a data processor

Cross-Functional Collaboration

  • Act as a security and privacy design partner across product, hardware, legal, and engineering.
  • Communicate security risks and mitigations to leadership and business teams.
  • Represent the company in external security audits and customer security evaluations.

Qualifications

Required:

  • 5+ years of experience in security engineering or information security roles.
  • Deep understanding of software and hardware security principles and attack surfaces.
  • Demonstrated experience with SOC 2 Type I/II and GDPR implementation.
  • Strong knowledge of data protection laws and the responsibilities of a DPO.
  • Clear, persuasive communicator comfortable working with technical and non-technical teams.
  • Strong understanding of AWS and Bluetooth security technologies

Preferred:

  • Experience serving as a DPO or equivalent privacy leadership role.
  • Familiarity with embedded systems or connected hardware product security.
  • Experience with security automation and compliance tooling.
  • Privacy or security certifications (e.g., CIPP/E, CISSP, CEH, or equivalent).

Why Join Us?

  • Play a key leadership role at a high-growth, mission-driven company.
  • Shape the security and privacy culture across all levels of the organization.
  • Work with a collaborative, forward-thinking team on products that matter.
Share this job:
Please let BrightAI know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Latest Jobs at BrightAI

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply