What We Do 

Brightwell is a full-service payments company providing thoughtful solutions and technology for sending money around the world while managing the complex regulatory requirements surrounding those transactions. Coupling technological innovation with strategic partnerships, Brightwell offers technology for businesses and individuals to expand their own portfolio into cross-border payments (including bank transfers, mobile wallets, or cash). Providing unmatched fraud and transaction monitoring backed by an in-house team of global payments experts, Brightwell offers options when it comes to managing and moving money around the globe. 

Who We Need 

We’re searching for an Information Security Manager to join our crew. As our ideal Information Security Manager, you will interact with multiple stakeholders within the organization and contribute innovative solutions for security programs and continuous monitoring capabilities. You will also be responsible for the ongoing management of information security policies, procedures, and technical systems in order to maintain the confidentiality, integrity, and availability of all organizational information systems.  

,

**This is a HYBRID position, based in Atlanta, GA with 1-2 days each week spent working in the Brightwell office.

As a part of our selection process, we require all Brightwell candidates to complete a 10-minute survey which you can find here:  Culture Index Survey 

This confidential survey allows us to match your unique strengths with our open positions. 

 

What You’ll Do 

• Lead in the development/adoption and enforcement of Information Security policies, procedures, and standards. Conduct and complete an annual review of required PCI, SOC2 regulations, and reports. 

• Maintain the Company’s Security Policies. These are formal policies that detail and document actual mechanisms and controls and should include at least the following: 

• Administrative: Risk analysis and management, documentation management and controls, information access controls and sanctions for failure to comply. 

• Personnel Security: Personnel only have access to sensitive information for which they have appropriate authority and clearance. 

• Physical Safeguards: Assign security responsibilities, control access to media, and the controls in place against unauthorized access to workstations and related equipment. 

• Technical Security: Set the access and authorization controls for everyday operations as well as emergency procedures for data. 

• Transmission security: Set the standards for access controls, audit trails, event reporting, encryption, and integrity controls. 

• Maintain the Company’s Security Procedures that include: Evaluation and compliance with security measures, Disaster Recovery and Emergency operating procedures, Security Incident Response and process protocols including Incident Reporting and Sanctions, and Testing of security procedures, mechanisms, and measures. 

• Maintain appropriate security measures and mechanisms to guard against unauthorized access to electronically stored and /or transmitted patient data and protect against reasonably anticipated threats and hazards.  

• Oversee and/or assist in performing ongoing security monitoring of organization information systems including: 

• Assess information security risk periodically. 

• Conduct functionality and gap analyses to determine the extent to which key business areas and infrastructure comply with statutory and regulatory requirements. 

• Evaluate and recommend new information security technologies and countermeasures against threats to information or privacy. 

• Ensure compliance through adequate training programs and periodic security audits. These audits should be both internal and external in nature. 

• Take on other tasks and duties as assigned. 

 

As Information Security Manager, you have: 

• Bachelor’s degree in a related field 

• 5+ years’ experience working in information security 

• Understanding of other technology sub-areas, i.e., server administration, server security, testing and implementation processes and procedures 

• Strong skill in problem solving to identify, communicate, and implement action when needed. 

• 2+ years of experience using vulnerability assessment tools, analyzing and interpreting assessment results. 

• 3+ years of experience with strong understanding of infrastructure technologies and functionalities (e.g., firewalls, Windows/Linux servers, Active Directory) 

 

We’ll give you extra credit for: 

• CISSP Certification 

• Experience working in a highly regulated environment 
  
  

What We’re Offering in Return 

• Freedom: We trust you to do your thing and do it well. 

• Professional Development: We work with you to grow your skills and push you forward. 

• Entrepreneurship: We embrace new ideas and people who have the drive to see them through. If you are a doer, look no further! 

• Benefits: Medical, dental, vision, disability insurance, 401k, flexible spending accounts, parental leave, paid vacation, and more. 

• Random: Culture and company events (happy hours, CEO lunches, outings to Braves or United games, etc.) 

 

Brightwell is an equal opportunity employer (EOE) committed to employing a diverse workforce and sustaining an inclusive culture. 

Financial services including cross-border remittance, fraud security, & more. Increase revenue and mitigate risk with Brightwell's payments solutions.