Security Specialist- Internal Security
Boston, Raleigh OR remote
BitSight
Bitsight is a global cyber risk management leader transforming how companies manage exposure, performance, and risk for themselves and their third parties.BitSight is looking for an experienced Security Specialist to join our growing Internal Security team. We pride ourselves in building exceptional career opportunities and offering outstanding benefits to our team. We have the enthusiasm of a start-up but the structure and solidity of a mature industry leader.
We are seeking a talented practitioner to help scale the organization's rapidly growing security capabilities and continue to evolve our protections as the threat landscape changes. In this role, you will have the flexibility to help drive the overall security strategy and be a subject matter expert with class leading security platforms. You would help define proactive and preventative security measures to keep BitSight and its employees' data safe.
BitSight is transforming how companies manage information security risk with objective, verifiable and actionable Security Ratings. BitSight’s platform continuously analyzes vast amounts of external data on security issues and behaviors in order to help organizations manage third party risk, underwrite cyber insurance policies, benchmark performance, conduct M&A due diligence and assess aggregate risk. Fifty percent of the world’s cyber insurance premiums are underwritten by BitSight customers, all four of the Big 4 accounting firms use BitSight, and four of the top five investment banks rely on our solution to manage cyber risks.
Required Skills/Experience:
- Minimum 4+ years in dedicated information security roles
- TCP/IP networking
- TLS/SSL and PKI cryptography
- AWS Cloud and related security technologies/vendors
- SIEM and EDR
- Security Incident Handling or Response (SOC, DFIR, or Threat hunting)
- Strong understanding of least access principles
- Strong understanding of defense-in-depth methodology
- Excellent verbal and written communication skills for multiple audiences (technical, non-technical, and senior executive leadership)
- Comfortable both in team settings and as a strong autonomous individual contributor
Desired Skills/Experience:
- Detection Engineering (suricata, yara, sigma, etc.)
- Familiarity with threat hunting, common adversarial tools, tactics, and procedures (TTPs)
- Container security
- Infrastructure-as-code
- Experience with offensive security such as penetration testing, red teaming, web application testing, and source code analysis
- Experience with peta-scale data sets
- Common Audit Standards and Controls Frameworks (SOC2, CIS, NIST 800 series, ISO 270001, etc)
- Python
Preferred Certifications:
- AWS Certified Security Specialty
- SANS GCIA/GCIH/GCFA/GCTI, GPEN/GXPN, GWAPT
- Offensive Security OSCP/OSCE
Tags: AWS Cloud Code analysis Cryptography EDR GCFA GCIA GCIH GPEN GWAPT GXPN NIST Offensive security OSCE OSCP Pentesting PKI Python SANS Security strategy SIEM SOC 2 Strategy TCP/IP TLS TTPs Web application testing
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Chief Information Security Officer jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open IT Security Engineer jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open CI/CD-related jobs