Security Engineer

Description

Job Title: Security Engineer

Department: Technology Operations

Location: BILT - Global Brand Support Center, Grapevine, Texas 76051

BILT Incorporated is a fast-growing software-as-a-service company revolutionizing instructions and training for consumers and professional technicians alike. BILT creates official 3D Intelligent Instructions® for thousands of products from hundreds of innovative brands and hosts them on a free mobile app. Users can manipulate interactive animations on a touchscreen, providing a superior training differentiator for products that require assembly, installation, maintenance, programming, or repair.

BILT's mission is to create an experience so enabling and empowering it turns users into promoters of the brands we serve. Our Global Brand Support Center is located in the Dallas‑Ft. Worth metroplex between DFW airport and the Southlake Town Square.

We're seeking a Security Engineer to strengthen our security and compliance program as we align with rigorous security frameworks. This role goes beyond technical execution—you'll enhance our project's security posture, influencing engineering and operations, and ensuring we remain secure while implementing quickly.

You’ll collaborate with consultants, our internal security team, and external auditors while partnering closely with engineering and Dev Ops to embed secure‑by‑design practices, support risk‑based decisions, maintain clear, audit‑ready documentation, and support regular reporting on security metrics and vulnerability reports.

This high‑expertise role is ideal for an experienced problem‑solver who delivers measurable security outcomes with clarity and requires little guidance in technical implementation. Due to our government contract requirements, this position is open to U.S. citizens only who have the ability to obtain a government security clearance.

• Implement cybersecurity controls for cloud, application, and operational security within the program, leveraging strong expertise in AWS tools (IAM, KMS, Cloud Trail, Guard Duty).
• Support compliance with CMMC/NIST 800‑171 and FedRAMP/NIST 800‑53 by executing technical controls with high proficiency, collaborating with external consultants and the cybersecurity team.
• Translate CMMC/NIST 800‑171 and FedRAMP/NIST 800‑53 requirements into practical, low‑friction technical controls that integrate with engineering workflows.
• Maintain risk registers, access reviews, incident response plans, and security policies, ensuring alignment with program objectives.
• Prepare audit‑ready documentation, including System Security Plans (SSPs), security diagrams, and evidence reports, with accuracy and efficiency.
• Support regular reporting on security metrics and vulnerability reports, providing clear insights to ensure transparency and compliance.
• Contribute technical expertise to security‑related discussions with engineering, Dev Ops, product, and leadership teams, fostering effective collaboration.
• Enable secure development practices, including static analysis and CI/CD controls, using tools like Terraform or Snyk with strong proficiency.
• Identify and address gaps in logging, alerting, encryption, and endpoint security within the program, applying expert judgment in collaboration with the cybersecurity team.
• 5+ years of experience in security engineering, Dev Sec Ops , or security program roles, with a strong track record of technical implementation.
• Strong expertise in AWS security best practices and tools, requiring minimal guidance.
• Experience implementing security requirements similar to CMMC/NIST 800‑171 or FedRAMP/NIST 800‑53 (e.g., ISO 27001, NIST 800‑53, SOC 2 Type II).
• Direct experience with CMMC/NIST 800‑171 or FedRAMP/NIST 800‑53 implementation is a plus but not required.
• Proven experience in audit preparation, including control implementation and documentation.
• Pragmatic, risk‑based decision‑maker with the ability to prioritize impactful technical solutions.
• Strong documentation and communication skills, capable of explaining technical controls to auditors and engineers with clarity.
• Experience with FedRAMP ATO or working in regulated…