Security Specialist

Bitsight is a cyber risk management leader transforming how companies manage exposure, performance, and risk for themselves and their third parties. Companies rely on Bitsight to prioritize their cybersecurity investments, build greater trust within their ecosystem, and reduce their chances of financial loss.
Built on over a decade of technological innovation, its integrated solutions deliver value across enterprise security performance, digital supply chains, cyber insurance, and data analysis.

• We invented the cyber ratings industry in 2011
• Over 3000 customers trust Bitsight
• Over 750 teammates are dispersed throughout Boston, Raleigh, New York, Lisbon, Singapore, and remote

Required Skills/Experience:

• Minimum 4+ years in dedicated information security roles

• TCP/IP networking

• TLS/SSL and PKI cryptography

• AWS Cloud and related security technologies/vendors

• SIEM and EDR

• Security Incident Handling or Response (SOC, DFIR, or Threat hunting)

• Strong understanding of least access principles

• Strong understanding of the defense-in-depth methodology

• Excellent verbal and written communication skills for multiple audiences (technical, non-technical, and senior executive leadership)

• Comfortable both in team settings and as a strong autonomous individual contributor

Desired Skills/Experience:

• Experience with vulnerability assessment and remediation processes.

• Familiarity with threat hunting, common adversarial tools, tactics, and procedures (TTPs)

• Container security

• Infrastructure-as-code

• Experience with offensive security such as penetration testing, red teaming, web application testing, and source code analysis

• Experience with petascale data sets

• Common Audit Standards and Controls Frameworks (SOC2, CIS, NIST 800 series, ISO 27001, etc.)

• Experience with detection engineering tools such as Suricata, Yara, or Sigma (optional but preferred)

• Experience with Python for security task automation, including log analysis, threat detection, and compliance workflows

Preferred Certifications:

• AWS Certified Security Specialty

• SANS GCIA/GCIH/GCFA/GCTI, GPEN/GXPN, GWAPT

• Offensive Security OSCP/OSCE

Diversity. Bitsight is proud to be an equal opportunity employer. This means we do not tolerate discrimination of any kind and are committed to providing equal employment opportunities regardless of your gender identity, race, nationality, religion, sexual orientation, status as a protected veteran, or status as an individual with a disability.

Culture. We put our people first. Bitsight offers best in class benefits. We devote the same energy to nurturing our company's inclusive culture as we apply to serving our customers' needs. Working at Bitsight will give you the opportunity to fulfill your professional goals and expand your skills.

Open-minded. If you got to this point, we hope you’re feeling excited about the job description you just read.  Even if you don’t feel that you meet every single requirement, we still encourage you to apply.  We’re eager to meet people that believe in Bitsight’s mission and can contribute to our team in a variety of ways.

Additional Information for United States of America Applicants:

Bitsight also provides reasonable accommodations to qualified individuals with disabilities or based on a sincerely held religious belief in accordance with applicable laws. If you need to inquire about a reasonable accommodation, or need assistance with completing the application process, please email recruiting@bitsight.com. This contact information is for accommodation requests only, and cannot be used to inquire about the status of applications.

Qualified applicants with criminal histories will be considered for employment consistent with applicable law.

This position may be considered a promotional opportunity pursuant to the Colorado Equal Pay for Equal Work Act.