Principal Engineer – Security & Compliance

Are you a security-focused principal engineer ready to set the standard for secure, compliant platforms at scale?

Join Camplight and play a pivotal role in safeguarding the platforms we build — ensuring security, compliance, and trust are embedded into everything we deliver for partners around the world.

What you’ll be working on?

At Camplight, we partner with organizations to design, build, and operate complex software platforms across a variety of industries and regulatory environments.

In this role, you’ll oversee security and compliance across all platform engineering activities, working closely with internal teams and partners to ensure systems are secure by design.

Your work will include:

• Defining and enforcing security standards across new and existing platforms
• Reviewing architectures, systems, and third-party integrations to identify and mitigate risks
• Leading incident response efforts and post-incident reviews
• Conducting proactive security assessments, threat modeling, and compliance reviews
• Helping teams navigate regulatory and compliance requirements while maintaining delivery velocity
• You’ll act as both a technical authority and a trusted advisor, ensuring security is an enabler — not a bottleneck.

Your Role:

• Own the security and compliance strategy across Camplight’s platform engineering work
• Set clear, pragmatic security standards and best practices
• Review and approve system designs, integrations, and infrastructure changes
• Lead and coordinate incident response, including communication and remediation
• Mentor engineers and partners on secure engineering practices
• Balance risk management with real-world product and delivery needs

About Camplight

We build self-organizing technical teams, offer software development services, and work with businesses and entrepreneurs to create new products. With over 300 successful software projects — some ongoing for more than 8 years — we focus on long-term success for our partners. By following the principles of self-management and organizing as a cooperative, we achieve 95% satisfaction among them. We value transparency, collaboration, trust, responsibility, and innovation. When joining Camplight, you can become a co-owner of the cooperative, helping steer the business and sharing in the rewards of our collective success.

What are we looking for?

• Ownership mindset: You take responsibility for outcomes, not just tasks. You care deeply about quality, security, and doing things right — even when it’s hard.
• Security leadership: You’ve set security standards before and know how to influence teams without relying on hierarchy.
• Strong communication: You can explain risks, trade-offs, and decisions clearly to both technical and non-technical stakeholders.
• Pragmatism: You understand how to balance security, compliance, and delivery in real-world systems.

Requirements:

• 8+ years of experience in platform engineering, security engineering, or related roles
• Strong knowledge of secure system design, threat modeling, and risk assessment
• Experience reviewing architectures, integrations, and infrastructure for security risks
• Hands-on experience with cloud platforms (AWS, GCP, Azure, or similar)
• Familiarity with security frameworks and standards (e.g. ISO 27001, SOC 2, OWASP, NIST)
• Experience leading or participating in incident response
• Strong understanding of networking, identity, access management, and data protection
• Experience working in regulated environments
• Background in DevSecOps practices
• Experience advising multiple teams or products simultaneously
• Prior experience in a principal, staff, or director-level engineering role

What do we offer?

We focus on health, wealth, and empowering relationships:

• Fully remote work with flexible hours
• Competitive salary
• Opportunity to become a co-owner of the cooperative
• Individual career development plan
• Friendly, senior, and collaborative team culture
• Strong emphasis on mental and physical well-being
• A unique environment that blends long-term partnerships, deep technical work, and product craftsmanship

What does the interview process look like?

1. Initial Interview:

A 45-minute conversation with two Camplight team members focusing on culture fit, past experience, security leadership, and how you approach complex risk decisions.

2. Technical Deep Dive*(your choice):

– Homework Assignment: A short, senior-level exercise (~2 hours) followed by a 1-hour discussion and deep dive

– Live Session: A 2-hour technical discussion focused on architecture review, security scenarios, and decision-making

Regardless of the outcome, we provide clear, constructive feedback to support your growth.