Information Security Engineer

Bitwerx Inc (Bitwerx.com)

Lexington, KY

JOB DETAILS
SKILLS
Access Control, Automation, Cloud Computing, Communication Skills, Continuous Deployment/Delivery, Continuous Integration, Data Management, Data Storage, Dental Insurance, Fortune 500 Customers, Incident Response, Information/Data Security (InfoSec), Microsoft Windows Azure, Privacy Controls, Regulations, Regulatory Compliance, Risk, Risk Management, Root Cause Analysis, Scalable System Development, Security Architecture, Small Company, Software Administration, Software Engineering, Startup, Team Player, Treatment Plan, Vendor/Supplier Management, Veterinary Medicine, Vision Plan, Writing Skills
LOCATION
Lexington, KY
POSTED
30+ days ago

Information Security Engineer

About Bitwerx Bitwerx, Inc. is a team of industry experts focused on designing, building, and supporting innovative software solutions that leverage data to improve the customer journey. Our experience spans many industries with a focus on veterinary, and our partners range from startups trying to bring a new idea to market to Fortune 500 companies looking to become more agile.

About the role We are seeking an Information Security Engineer to serve as the primary owner of Bitwerx's Information Security governance, policies, and compliance framework, leading the design, implementation, and ongoing maturation of the security program with a core focus on SOC 2 Type 2 and broader U.S. and international compliance requirements. This is a hands-on individual contributor role. You will be responsible for building practical, scalable security controls; refining policies and standards; operationalizing compliance requirements; and partnering closely with our Platform Delivery and Software Engineering teams to embed security into day-to-day operations.

This role may be based in Lexington, KY (hybrid) or performed remotely from select U.S. locations.

What You'll Do Security & Compliance Program Ownership

Own end-to-end SOC 2 Type 2 execution

Design, refine, and validate security controls

Prepare audit evidence and remediation plans

Policy, Risk and Governance

Author and maintain security policies and standards

Maintain the risk register and treatment plans

Manage vendor risk workflows

Cloud and Platform Security

Implement Azure security guardrails

Enforce IAM, RBAC, MFA and conditional access

Maintain the risk register and treatment plans

Secure CI/CD pipelines and secrets

Monitoring and Incident Response

Implement centralized logging and alerting

Maintain Incident Response playbooks and lead response efforts

Perform root cause analysis

Manage tabletop exercises using real-world examples for team training

Audit and Automation

Automate compliance evidence collection

Ensure controls are sustainable year over year

What You'll Bring

3+ years in security and/or compliance engineering

SOC 2 Type 2 hands-on experience

Experience implementing international security and privacy compliance controls (e.g., GDPR, OSFI, and similar regulatory frameworks)

Strong understanding of security architecture and risk management for data-centric organizations, including large-scale data storage, processing, access controls, and data lifecycle governance

Azure cloud security experience

Strong written and technical communication skills

Proactive, collaborative team player who thrives in a fast paced, small company environment

Experience with Drata is preferred

What Success Looks Like

Predictable, low-stress audits

Embedded security controls

Automated evidence collection

Why This Role Matters Security and compliance are foundational to Bitwerx's growth, reputation and customer trust.

What We Offer

100% company-paid health, vision, and dental insurance

401(k) with company match

Robust PTO policy

A collaborative and inclusive work culture

Opportunities for professional growth and development

The chance to make a significant impact on a growing company

Bitwerx, Inc. is an Equal Opportunity Employer. Your application will be considered regardless of race, color, national origin, age, disability, gender, sexual orientation, gender identity or expression, marital status, or veteran status. You must be legally authorized to work in the U.S.

About the Company

B

Bitwerx Inc (Bitwerx.com)