Sr. Cybersecurity Engineer

At PitchBook, we are always looking forward. We continue to innovate, evolve and invest in ourselves to bring out the best in everyone. We’re deeply collaborative and thrive on the excitement, energy and fun that reverberates throughout the company. 

Our extensive mentorship, education and training programs help us create a culture of curiosity that pushes us to always find new solutions and better ways of doing things. The combination of a rapidly evolving industry and our high ambitions means there’s going to be some ambiguity along the way, but we excel when we challenge ourselves. We’re willing to take risks, fail fast and do it all over again in the pursuit of excellence.

If you have a good attitude and are willing to roll up your sleeves to get things done, PitchBook is the place for you. 

About the Role:

As the Sr. Cybersecurity Engineer in Pitchbook’s engineering division, you will oversee the execution and management of security and technical delivery for Pitchbook’s suite of products and data platforms in support of key business objectives. You and your cybersecurity engineering team will work with product engineers, management and over a thousand global employees to protect PitchBook data assets and information systems from the growing global threat landscape while providing cyber risk management for PitchBook’s mission and customers.

This role will be key to developing and overseeing application security standards and requirements development. Your ability to collaborate with colleagues, provide leadership in a matrix-style structure, level up junior engineers will be critical to your success. You will solicit feedback, engage others with empathy and help create a culture of belonging, teamwork and purpose. 

Primary Job Responsibilities:

• As a strong hands-on person in the team, you will write code to perform security automation and tool configuration to enhance security of PitchBook infrastructure
• Always be identifying newer and more secure ways to access and protect assets
• Analyze and secure computing clusters such as Kubernetes and Elastic Container Service
• Provide technical and security expertise throughout incident response (including log analysis, memory and disk forensics, reverse engineering, network containment and threat eradication)
• Design and develop controls on all aspects of the security lifecycle – protect, detect, contain, respond and recover; talk about the usefulness of those controls with various teams
• Select and manage application security solutions, such as Web Application Firewalls (WAF), security scanners and security incident and event management (SIEM) tools
• Integrate application security testing and controls into different phases of teams’ development lifecycles
• Provide security expertise and consulting to partner teams in product functions and across the enterprise as needed
• Collaborate and partner with the IT, DevOps, Engineering and Test teams to ensure successful completion of our roadmaps and initiatives.

Skills and Qualifications:

• 5-7 years of experience in Information Security or 3-5 years of experience in related technology functions, such as infrastructure/cloud engineering or software development
• Experience in docker containers and Kubernetes security such as pod-security policy and network security policy
• Experience in developing infrastructure-as-a-code using Terraform, CloudFormation, Continuous Integration and Continuous Delivery and Gitlab
• Experience in working with various AWS logs, including but not limited to, VPC Flowlog, S3, ELB, CloudFront and outputs WAF, network firewalls, intrusion detection systems and intrusion prevention system
• Experience in one or more programming languages (Python, Node.js and Java)
• Experience in patch management, container scanning and vulnerability scanning in the cloud
• Experience in memory analysis, forensic and network analysis tools such as Wireshark, BurpSuite, TCPDump and Scapy

Benefits + Compensation at PitchBook:

Physical Health            

• Comprehensive health benefits
• Additional medical wellness incentives 
• STD, LTD, AD&D and life insurance

Emotional Health 

• Paid sabbatical program after four years
• Paid family and paternity leave 
• Annual educational stipend
• Ability to apply for tuition reimbursement
• CFA exam stipend 
• Robust training programs on industry and soft skills 
• Employee assistance program
• Generous allotment of vacation days, sick days and volunteer days 

Social Health 

• Matching gifts program
• Employee resource groups
• Subsidized emergency childcare  
• Dependent Care FSA
• Company-wide events
• Employee referral bonus program  
• Quarterly team building events

Financial Health 

• 401k match
• Shared ownership employee stock program 
• Monthly transportation stipend  

*Please be aware the above PitchBook benefit and perk offerings are subject to corresponding plan and policy documents and may change during the course of your employment.

Compensation

• Annual base salary: $111,550-$188,600
• Target annual bonus percentage: 10%

*Starting pay will be based on several factors and commensurate with qualifications & experience. We also have a location-based compensation structure; there may be different ranges for candidates by location.

Life At PB:

We are consistently recognized as a Best Place to Work and our culture is at the heart of our success. It’s our fundamental belief that people do and create great things and that people are the cornerstone of prosperity. We believe that proactively seeking out different points of view, listening to others, learning and reflecting on what we’ve heard creates a sense of belonging within PitchBook and strengthens the PitchBook community.

We are excited to get to know you and your background. Concerned that you might not meet every requirement? We encourage you to still apply as you might be the right candidate for the role or other roles at PitchBook.

#LI-CC2