Information Security Analyst

Bitsight is a cyber risk management leader transforming how companies manage exposure, performance, and risk for themselves and their third parties. Companies rely on Bitsight to prioritize their cybersecurity investments, build greater trust within their ecosystem, and reduce their chances of financial loss.
Built on over a decade of technological innovation, its integrated solutions deliver value across enterprise security performance, digital supply chains, cyber insurance, and data analysis.

• We invented the cyber ratings industry in 2011
• Over 3000 customers trust Bitsight
• Over 750 teammates are dispersed throughout Boston, Raleigh, New York, Lisbon, Singapore, and remote

We are looking for a skilled and passionate Cybersecurity Specialist to strengthen and scale our security capabilities in response to an evolving threat landscape. In this role, you will have the opportunity to shape our security strategy, drive the implementation of cutting-edge security technologies, and establish proactive defense mechanisms to safeguard our company and employees' data. As a subject matter expert, you will work with industry-leading security platforms, define preventative measures, and contribute to a culture of security excellence.

BitSight is transforming how companies manage information security risk with objective, verifiable, and actionable Security Ratings. BitSight's platform continuously analyzes vast amounts of external data on security issues and behaviors to help organizations manage third-party risk, underwrite cyber insurance policies, benchmark performance, conduct M&A due diligence, and assess aggregate risk. Fifty percent of the world's cyber insurance premiums are underwritten by BitSight customers, all four of the Big 4 accounting firms use BitSight, and four of the top five investment banks rely on our solution to manage cyber risks.

• Develop and enhance security strategies to protect against emerging threats.

• Deploy and manage SIEM, EDR, and cloud security technologies to monitor and respond to incidents effectively.

• Lead or participate in security incident handling and response, including SOC operations, DFIR, and threat hunting.

• Enforce least privilege access principles and secure network architectures.

• Work autonomously while also thriving in a collaborative team environment.

• Utilize defense-in-depth methodology to enhance and sustain a secure environment.

• 4+ years of experience in dedicated information security roles.

• Hands-on experience with SIEM and EDR solutions.

• Expertise in security incident response, SOC operations, DFIR, or threat hunting.

• Strong knowledge of least access principles and defense-in-depth methodologies.

• Solid understanding of TCP/IP networking and security protocols.

• Understanding of AWS cloud environments and working with related security technologies.

• Excellent verbal and written communication skills, with the ability to engage technical, non-technical, and executive audiences.

• Experience with vulnerability management, assessment, and remediation.

• Familiarity with threat hunting, adversarial TTPs, and attack frameworks (MITRE ATT&CK, etc.).

• Conduct offensive security testing, including penetration testing, vulnerability assessments, and adversary emulation.

• Hands-on experience in offensive security disciplines (e.g., penetration testing, red teaming, web app testing, source code analysis).

• Knowledge of security compliance frameworks (e.g., SOC 2, CIS, NIST 800 series, ISO 27001).

• Experience with detection engineering tools (e.g., Suricata, YARA, Sigma).

• Proficiency in Python for security automation, including threat detection and compliance workflows.

• AWS Certified Security Specialty

• SANS Certifications: GCIA, GCIH, GCFA, GCTI, GPEN, GXPN, GWAPT

• Offensive Security Certifications: OSCP, OSCE

Diversity. Bitsight is proud to be an equal opportunity employer. This means we do not tolerate discrimination of any kind and are committed to providing equal employment opportunities regardless of your gender identity, race, nationality, religion, sexual orientation, status as a protected veteran, or status as an individual with a disability.

Culture. We put our people first. Bitsight offers best in class benefits. We devote the same energy to nurturing our company's inclusive culture as we apply to serving our customers' needs. Working at Bitsight will give you the opportunity to fulfill your professional goals and expand your skills.

Open-minded. If you got to this point, we hope you're feeling excited about the job description you just read. Even if you don't feel that you meet every single requirement, we still encourage you to apply. We're eager to meet people that believe in Bitsight's mission and can contribute to our team in a variety of ways.

Additional Information for United States of America Applicants:

Bitsight also provides reasonable accommodations to qualified individuals with disabilities or based on a sincerely held religious belief in accordance with applicable laws. If you need to inquire about a reasonable accommodation, or need assistance with completing the application process, please email recruiting@bitsight.com. This contact information is for accommodation requests only, and cannot be used to inquire about the status of applications.

Qualified applicants with criminal histories will be considered for employment consistent with applicable law.

This position may be considered a promotional opportunity pursuant to the Colorado Equal Pay for Equal Work Act.

The anticipated hiring base salary range for this position is US$110,000 to $130,000 annually for US-based employees. This range reflects the minimum and maximum target for new hire salaries for the position across all US locations, is based on a full-time work schedule, and is Bitsight's good faith estimate as of the date of this posting. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training.In addition to base salary, this role is eligible for participation in a bonus or commission plan and an equity grant. Bitsight also offers a competitive benefits package, including but not but limited to medical, dental, and vision insurance; paid parental leave; flexible time off; a 401(k) plan with employee and company contribution opportunities; life and disability insurance; and tuition reimbursement.