Bitsight is a cyber risk management leader transforming how companies manage exposure, performance, and risk for themselves and their third parties. Companies rely on Bitsight to prioritize their cybersecurity investments, build greater trust within their ecosystem, and reduce their chances of financial loss.
Built on over a decade of technological innovation, its integrated solutions deliver value across enterprise security performance, digital supply chains, cyber insurance, and data analysis.

• We invented the cyber ratings industry in 2011
• Over 3000 customers trust Bitsight
• Over 750 teammates are dispersed throughout Boston, Raleigh, New York, Lisbon, Singapore, and remote

Job Description:

Focus on the security of BitSight's infrastructure and code. Take on projects end-to-end that range from testing and implementing new security tools to developing automation for security tasks. Collaborate closely within Engineering in an open, DevOps culture, and contribute new ideas and techniques to solve security challenges. Assess and prioritize risk in the scope of the BitSight cloud infrastructure and products. Implement, maintain, and monitor host, network, and cloud security controls across the BitSight infrastructure. Collaborate with the DevOps and development teams in developing technical solutions and new security tools to help mitigate security risks and vulnerabilities and automate repeatable tasks. Support Engineering in deploying a "shift-left" security approach to development. Support the deployment and operation of self-assessment programs such as bug bounties and penetration testing. Perform incident response duties and implement the necessary automation to respond to incidents in a timely fashion. Work in achieving compliance with security frameworks. Provide off-shift availability for production issues or maintenance. Telecommuting permitted up to 100%.

Job Requirements:

Requires a Bachelor's degree (or foreign equivalent) in Computer Engineering, Computer Science, Cybersecurity or a directly related field plus two (2) years of experience as Security Engineer or related occupation.

Two (2) years of experience in the following (experience may be gained concurrently):

- Designing and deploying security systems such as VPN, WAF, SIEM, or IDS

- Experience with Linux systems and OS security

- Experience with software development or automation scripting in Python

40 hours/week, 9:00am-5:00pm. Salary range: $125,000 to $145,000/year.

Diversity. Bitsight is proud to be an equal opportunity employer. This means we do not tolerate discrimination of any kind and are committed to providing equal employment opportunities regardless of your gender identity, race, nationality, religion, sexual orientation, status as a protected veteran, or status as an individual with a disability.

Culture. We put our people first. Bitsight offers best in class benefits. We devote the same energy to nurturing our company's inclusive culture as we apply to serving our customers' needs. Working at Bitsight will give you the opportunity to fulfill your professional goals and expand your skills.

Open-minded. If you got to this point, we hope you're feeling excited about the job description you just read. Even if you don't feel that you meet every single requirement, we still encourage you to apply. We're eager to meet people that believe in Bitsight's mission and can contribute to our team in a variety of ways.

Additional Information for United States of America Applicants:

Bitsight also provides reasonable accommodations to qualified individuals with disabilities or based on a sincerely held religious belief in accordance with applicable laws. If you need to inquire about a reasonable accommodation, or need assistance with completing the application process, please email . This contact information is for accommodation requests only, and cannot be used to inquire about the status of applications.

Qualified applicants with criminal histories will be considered for employment consistent with applicable law.

This position may be considered a promotional opportunity pursuant to the Colorado Equal Pay for Equal Work Act.