Director, Corporate Cybersecurity

Bitsight is a cyber risk management leader transforming how companies manage exposure, performance, and risk for themselves and their third parties. Companies rely on Bitsight to prioritize their cybersecurity investments, build greater trust within their ecosystem, and reduce their chances of financial loss.
Built on over a decade of technological innovation, its integrated solutions deliver value across enterprise security performance, digital supply chains, cyber insurance, and data analysis.

• We invented the cyber ratings industry in 2011
• Over 3000 customers trust Bitsight
• Over 750 teammates are dispersed throughout Boston, Raleigh, New York, Lisbon, Singapore, and remote

In this role, you will oversee a talented team with diverse skills and experiences, enabling growth and development across the department and company.

Key Responsibilities:

• Lead and manage the corporate cybersecurity team, fostering a culture of innovation, collaboration, and accountability.

• Develop and implement the corporate cybersecurity strategy, ensuring it evolves alongside company growth and technological advancements.

• Oversee cybersecurity operations, including incident response, threat intelligence, risk assessments, and vulnerability management.

• Provide technical guidance and mentorship to team members, from entry-level to senior cybersecurity professionals, ensuring they remain current on the latest cybersecurity trends, tools, and practices.

• Collaborate with cross-functional teams to ensure security is embedded within all corporate operations, systems, and processes.

• Partner with the organization's GRC team to conduct regular security audits, penetration tests, and simulations to evaluate the organization's security posture.

• Engage with executive leadership to report on cybersecurity initiatives, risks, and performance metrics.

• Drive the continuous improvement of cybersecurity policies, processes, and tools to mitigate emerging threats.

Required Skills/Experience

• Minimum 6+ years in dedicated information security roles

• Strong expertise in TCP/IP networking, TLS/SSL, and PKI cryptography

• AWS Cloud and related security technologies/vendors

• Experience with SIEM (Security Information and Event Management) and EDR (Endpoint Detection and Response)

• Hands-on experience in Security Incident Handling or Response (SOC, DFIR, or Threat Hunting)

• Strong understanding of least access principles and defense-in-depth methodology

• Excellent verbal and written communication skills for multiple audiences (technical, non-technical, and senior executive leadership)

• Ability to work effectively both in team settings and as an autonomous individual contributor

Desired Skills/Experience

• Detection Engineering (Suricata, Yara, Sigma)

• Familiarity with threat hunting and adversarial TTPs (Tools, Tactics, and Procedures)

• Container security and infrastructure-as-code

• Offensive security experience, such as penetration testing, red teaming, web application testing, and source code analysis

• Experience with large scale data sets

• Familiarity with common audit standards and controls frameworks (SOC2, CIS, NIST 800 series, ISO 27001)

• Python scripting and automation

Preferred Certifications

• SANS GCIA/GCIH/GCFA/GCTI, GPEN/GXPN, GWAPT

• Offensive Security OSCP/OSCE

• AWS Certified Security Specialty

• CISSP

Diversity. Bitsight is proud to be an equal opportunity employer. This means we do not tolerate discrimination of any kind and are committed to providing equal employment opportunities regardless of your gender identity, race, nationality, religion, sexual orientation, status as a protected veteran, or status as an individual with a disability.

Culture. We put our people first. Bitsight offers best in class benefits. We devote the same energy to nurturing our company's inclusive culture as we apply to serving our customers' needs. Working at Bitsight will give you the opportunity to fulfill your professional goals and expand your skills.

Open-minded. If you got to this point, we hope you’re feeling excited about the job description you just read.  Even if you don’t feel that you meet every single requirement, we still encourage you to apply.  We’re eager to meet people that believe in Bitsight’s mission and can contribute to our team in a variety of ways.

Additional Information for United States of America Applicants:

Bitsight also provides reasonable accommodations to qualified individuals with disabilities or based on a sincerely held religious belief in accordance with applicable laws. If you need to inquire about a reasonable accommodation, or need assistance with completing the application process, please email recruiting@bitsight.com. This contact information is for accommodation requests only, and cannot be used to inquire about the status of applications.

Qualified applicants with criminal histories will be considered for employment consistent with applicable law.

This position may be considered a promotional opportunity pursuant to the Colorado Equal Pay for Equal Work Act.

The anticipated hiring base salary range for this position is US$190,000 to $225,000 annually for US-based employees.  This range reflects the minimum and maximum target for new hire salaries for the position across all US locations, is based on a full-time work schedule, and is Bitsight’s good faith estimate as of the date of this posting.  Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training.In addition to base salary, this role is eligible for participation in a bonus or commission plan and an equity grant.  Bitsight also offers a competitive benefits package, including but not but limited to medical, dental, and vision insurance; paid parental leave; flexible time off; a 401(k) plan with employee and company contribution opportunities; life and disability insurance; and tuition reimbursement.