Director, Cybersecurity

At PitchBook, we are always looking forward. We continue to innovate, evolve, and invest in ourselves to bring out the best in everyone. We’re deeply collaborative and thrive on the excitement, energy, and fun that reverberates throughout the company. 

Our extensive learning programs and mentorship opportunities help us create a culture of curiosity that pushes us to always find new solutions and better ways of doing things. The combination of a rapidly evolving industry and our high ambitions means there’s going to be some ambiguity along the way, but we excel when we challenge ourselves. We’re willing to take risks, fail fast, and do it all over again in the pursuit of excellence.

If you have a good attitude and are willing to roll up your sleeves to get things done, PitchBook is the place for you. 

About the Role:

As a member of the Product and Engineering team at PitchBook, you will be part of a team of big thinkers, innovators, and problem solvers who strive to deepen the positive impact we have on our customers and our company every day. We value curiosity and the drive to find better ways of doing things. We thrive on customer empathy, which remains our focus when creating excellent customer experiences through product innovation.

We know that greatness is achieved through collaboration and diverse points of view, so we work closely with partners around the globe. As a team, we assume positive intent in each other’s words and actions, value constructive discussions, and foster a respectful working environment built on integrity, growth, and business value. We invest heavily in our people, who are eager to learn and constantly improve. Join our team and grow with us!

As Director of Cybersecurity within PitchBook's engineering division, your primary responsibility will be to spearhead the integration of cybersecurity practices into the early stages of our Software Development Life Cycle (SDLC), ensuring a 'shift left' approach. This entails leading the security vision, strategy, and execution across PitchBook’s products and data platforms, aligning with our overarching business goals. Together with your cybersecurity team, you'll collaborate closely with engineers, management, and our global workforce of over a thousand employees to safeguard PitchBook's data assets and information systems against the escalating global threat landscape while also managing cyber risk in support of PitchBook's mission and clientele.

You will helm the Cybersecurity Engineering and Analysis teams, focusing on cultivating and advancing critical security capabilities, such as threat management, vulnerability management, data security management, and information security governance risk and compliance programs. Your leadership will navigate the complexities of a customer-centric, rapidly growing environment that demands agile, nimble implementations and visionary strategic planning.

Your mission will be twofold: to ensure the reliability of a premier preventative security program and to guarantee the readiness of a comprehensive incident response system. Your efforts will have a wide-reaching impact as you cultivate a 'secure culture' within the organization, enhancing awareness of the contemporary threat landscape and empowering every individual with the knowledge and tools to manage cyber risk effectively. It will be your duty to ensure PitchBook's alignment with the corporate security mission from top to bottom.

Your success will hinge on your ability to foster collaboration among colleagues, exert leadership within a matrixed organizational structure, elevate engineers and development managers through automation, reliability services, and support, and facilitate the efficient use of our cloud platform by hundreds of engineers globally. Engaging with empathy, soliciting feedback, and nurturing a sense of belonging, teamwork, and purpose will be essential components of your role. 

Primary Job Responsibilities:

• Takes charge of cybersecurity engineering and analysis operations, shaping strategies, standards, and practices throughout the organization. Collaborate closely with engineering leaders, product managers, and business risk teams to develop roadmaps and define success metrics 
• Craft technology systems designed to enhance cyber risk protections, establish agile response and recovery mechanisms for cyber incidents, and promote engineering excellence in portability, usability, maintainability, scalability, recoverability, availability, extensibility, and security across the company 
• Fosters and promotes a DevSecOps culture within PitchBook, ensuring security is integral to product development, engineering processes, and operations through structured collaboration, empowerment, and automation 
• Ensures PitchBook's information security and cyber risk management efforts harmonize with the organization’s overarching mission and compliance obligations 
• Offers security assurance and conducts due diligence to safeguard the interests of PitchBook management, its customers, and external partners 
• Oversees the cybersecurity engineering and analysis realms, managing threat and vulnerability assessments, data security protocols, cyber incident responses, and governance related to risk and compliance in information security 
• Encourages the team to stay abreast of and adopt cutting-edge standards in cloud security, application security practices, and the secure software development lifecycle 
• Embodies and promotes the company's vision and values, serving as a model for the desired workplace culture and behaviors 
• Engages in and contributes to various company initiatives and projects as needed 

Skills and Qualifications:

• Master's degree in computer science, Software Engineering, or a related field 
• 7+ years of experience in architect-level or senior roles in Security Engineering, Security Operations, Security Analysis, Cloud Security, Application Security, or DevSecOps, within medium to large-scale organizations 
• Possesses at least 3 years of leadership experience, overseeing departmental or organizational-wide initiatives in Security Engineering, Security Operations, Security Analysis, Cloud Security, Application Security, or DevSecOps 
• Demonstrates a comprehensive understanding of modern cloud security practices, application security measures, secure software development lifecycles, and cybersecurity incident response protocols 
• Proficient in threat management, vulnerability management, data security, information security governance, risk, and compliance 
• Well-versed in key security frameworks (SOC2, ISO 27001/2, NIST CSF, CSA CCM), data protection regulations (GDPR, CCPA, SOX, 23 NYCRR 500), and corporate compliance standards 
• Familiar with Amazon Web Services, Google Cloud Platform, IaaS/PaaS/SaaS solutions, and tools like Rapid7, Splunk, IDS/IPS systems, DLP, NAC technologies, and federated IAM solutions 
• Proven track record of developing and implementing multi-year strategic initiatives with a strong emphasis on measurable outcomes 
• Holds one or more advanced cybersecurity certifications (CISSP, CISM, CCISO, or equivalent) 
• Exceptional communication abilities, both in writing and speaking. Skilled in presentation, adaptable in communication style to suit different audiences 
• Experience with DevOps, Infrastructure-as-Code, Terraform, Docker, or Kubernetes is preferred 
• Proficient in Microsoft Office suite, with advanced Outlook, Word, and Excel skills, and a quick learner of new systems and software 

Benefits + Compensation at PitchBook:

Physical Health            

• Comprehensive health benefits
• Additional medical wellness incentives 
• STD, LTD, AD&D, and life insurance

Emotional Health 

• Paid sabbatical program after four years
• Paid family and paternity leave 
• Annual educational stipend
• Ability to apply for tuition reimbursement
• CFA exam stipend 
• Robust training programs on industry and soft skills 
• Employee assistance program
• Generous allotment of vacation days, sick days, and volunteer days 

Social Health 

• Matching gifts program
• Employee resource groups
• Subsidized emergency childcare  
• Dependent Care FSA
• Company-wide events
• Employee referral bonus program  
• Quarterly team building events

Financial Health 

• 401k match
• Shared ownership employee stock program 
• Monthly transportation stipend  

*Please be aware the above PitchBook benefit and perk offerings are subject to corresponding plan and policy documents and may change during the course of your employment.

Compensation

• Annual base salary: $250,000-$270,000
•  Target annual bonus percentage: 20%

*Starting pay will be based on several factors and commensurate with qualifications & experience. We also have a location-based compensation structure; there may be different ranges for candidates by location. 

Working Conditions:

The job conditions for this position are in a standard office setting. Employees in this position use PC and phone on an on-going basis throughout the day. Limited corporate travel may be required to remote offices or other business meetings and events.

Life At PB:

We are consistently recognized as a Best Place to Work and our culture is at the heart of our success. It’s our fundamental belief that people do and create great things and that people are the cornerstone of prosperity. We believe that proactively seeking out different points of view, listening to others, learning, and reflecting on what we’ve heard creates a sense of belonging within PitchBook and strengthens the PitchBook community.

We are excited to get to know you and your background. Concerned that you might not meet every requirement? We encourage you to still apply as you might be the right candidate for the role or other roles at PitchBook.

#LI-JH1