Lead Security Engineer & Data Protection Officer (DPO) at BrightAI

Location: United States (Remote)
Reports to: VP of Cloud and Mobile

About the Role

We’re seeking a Lead Security Engineer who will also serve as the company’s Data Protection Officer (DPO). This dual role combines deep technical leadership in software and hardware security with accountability for data privacy, compliance, and protection practices. You’ll drive security architecture, incident response, and compliance with standards like SOC 2 and GDPR, while also guiding the organization’s responsibilities for data subject rights and privacy-by-design.

Key Responsibilities

Security Engineering & Architecture

- Own the security posture of the company across software, hardware, infrastructure, and third-party services.
- Partner with engineering teams to review designs and ensure secure implementation practices.
- Lead threat modeling and secure development lifecycle (SDLC) processes.
- Build and maintain internal tooling and automation to support security operations.
- Coordinate penetration testing and manage the response to the results.

Security Operations & Incident Response

- Serve as the escalation point for security incidents and coordinate response efforts.
- Maintain and improve logging, monitoring, and alerting systems.
- Conduct root cause analyses and lead post-mortem reviews for security events.

Compliance & Risk Management

- Lead SOC 2 Type II and GDPR compliance initiatives.
- Manage third-party risk assessments and vendor security reviews.
- Define, maintain, and socialize internal security and privacy policies.
- Oversee employee security awareness training and audits.

Data Protection Officer (DPO) Responsibilities

- Monitor compliance with GDPR and other data protection laws.
- Advise internal teams on privacy impact assessments (DPIAs), data retention, and lawful bases for processing.
- Serve as the primary point of contact for data subject requests (DSARs) and supervisory authorities.
- Ensure privacy-by-design is embedded into engineering and product development.
- Lead the process of responding to security questionnaires from vendors and companies who use us as a data processor.

Cross-Functional Collaboration

- Act as a security and privacy design partner across product, hardware, legal, and engineering.
- Communicate security risks and mitigations to leadership and business teams.
- Represent the company in external security audits and customer security evaluations.

Qualifications

Required:

- 5+ years of experience in security engineering or information security roles.
- Deep understanding of software and hardware security principles and attack surfaces.
- Demonstrated experience with SOC 2 Type I/II and GDPR implementation.
- Strong knowledge of data protection laws and the responsibilities of a DPO.
- Clear, persuasive communicator comfortable working with technical and non-technical teams.
- Strong understanding of AWS and Bluetooth security technologies.

Preferred:

- Experience serving as a DPO or equivalent privacy leadership role.
- Familiarity with embedded systems or connected hardware product security.
- Experience with security automation and compliance tooling.
- Privacy or security certifications (e.g., CIPP/E, CISSP, CEH, or equivalent).

Why Join Us?

- Play a key leadership role at a high-growth, mission-driven company.
- Shape the security and privacy culture across all levels of the organization.
- Work with a collaborative, forward-thinking team on products that matter.