Director of Security and Compliance

At Backlight, our vision is to dramatically improve every stage of the video and entertainment content lifecycle, from creation through monetization. We’re redefining media management, helping some of the world’s largest brands—such as Netflix, NBA, and Spotify—discover and create compelling stories without barriers. Join us in our mission and be part of a dynamic team that’s shaping the future of media management.

Backlight is seeking an experienced Director of Security and Compliance to lead our security initiatives and strengthen our compliance posture. This role will act as Backlight’s head of security, overseeing all aspects of the security program across our product lines, geographies, and production environments. Reporting to the General Counsel, the Director will work cross-functionally to enhance Backlight’s security framework and ensure compliance with industry standards, including SOC 2.

What You’ll Do:

• Strategic Leadership:

  • Develop and execute security strategies to protect company assets, data, and infrastructure while aligning with business objectives.
  • Oversee compliance with SOC 2 and other regulatory frameworks, managing end-to-end audit processes.
  • Mentor and grow the security and compliance team, including direct oversight of the Compliance Analyst, to scale security operations.

• Security Systems Management:

  • Lead the administration and optimization of security systems, such as Crowdstrike (endpoint security), Okta (identity and access management), Orca (cloud security), and application security tools (SAST, SCA, DAST).
  • Assess and enhance the effectiveness of security tools, ensuring seamless integration across the infrastructure.

• Risk Management and Mitigation:

  • Conduct risk assessments, vulnerability testing, and penetration testing to identify and mitigate security risks.
  • Implement policies and procedures to address and minimize organizational risks.

• Audit & Compliance Program Oversight:

  • Serve as the primary contact for SOC 2 and other industry-standard audits, ensuring readiness and managing audit processes.
  • Oversee customer and vendor security reviews, including due diligence questionnaires, with support from the Compliance Analyst.

• Training and Policy Development:

  • Develop and deliver security training programs to promote awareness of security best practices and compliance.
  • Oversee policy creation, updates, and compliance tracking to foster a culture of security within the organization.

• Cross-Functional Collaboration:

  • Partner with IT, product, and engineering teams to embed security controls throughout the software development lifecycle.
  • Provide regular updates to senior leadership on security posture, compliance initiatives, and risk management efforts.

What You’ll Bring:

• Relevant security certifications (e.g., CISSP, CISM).
• Bachelor’s degree in computer science, information security, or a related field.
• 8+ years of experience in security and compliance roles, including 3+ years in a leadership capacity within a technology environment.
• Expertise in managing SOC 2 compliance and corporate security systems, including tools like Crowdstrike, Orca, and Snyk.
• Strong understanding of security frameworks and regulatory requirements (e.g., SOC 2, GDPR, ISO 27001).
• Exceptional project management and audit oversight skills.
• Excellent communication and leadership abilities, with a collaborative and proactive approach.

Join us at Backlight and lead the charge in building a secure, compliant, and innovative organization.