Information Security Analyst

As an Information Security Analyst, you will not be just working together with your peers in the Security team but also with other parts of the organization, like R&D, IT, HR and Office teams in order to maintain and improve the state of security at Bitrise. You will also be part of incident detection and respond, including setting up and fine-tuning security alerts, vulnerability scanners and other security tools and processes which can help detect and react to incidents more effectively. In this position, you will have a direct impact on the whole company because your decisions will contribute to Bitrise’s success both in the short and long-term.
Bitrise Security Team’s mission is to support and provide a secure environment where Bitrise can achieve its business goals. The team consists of highly skilled security people with a DevSecOps mentality and strong focus on our customers (be it internal or external). We are a small but continuously growing team with new challenges (and company-wide impact) every day.

As an Information Security Analyst at Bitrise you will

• Improve security tools and processes: monitor and improve the security standards and processes within the organization and propose projects which could improve the overall security of Bitrise.
• Implement protections: should install and use software, such as firewalls and vulnerability scanners to protect organizations’ sensitive information.
• Vulnerability management: should check and evaluate vulnerability reports (e.g. coming from vulnerability scanners, bug bounty reports) and make sure the issue and remediation plan is clearly communicated to the stakeholders.
• Monitor security incidents: should help Bitrise automate the monitoring of the organization’s networks and systems for security breaches and intrusions.
• Investigate security breaches: should help investigating and responding to potential security incidents. After the incident, should participate in the technical and forensic investigation to understand how the breach happened, the extent of the damage and how to prevent or detect such events more effectively next time.
• Improve security awareness: educating staff members on information security via trainings, phishing tests, CTF/war games, etc.
• Contribute to all areas of security as a team member.

Key skills and characteristics

• Relevant Bachelor's/Master’s degree or equivalent work experience in information security, computer science or related field
• Basic IT security knowledge (e.g. OWASP Top 10, network security)
• Fluent English speaking and writing skills
• Good communication skills (both internally and with customers/prospects)
• Strong feedback and continuous learning mindset

What would really knock our socks off

• Participated in bug bounty and/or CTF events before
• Worked in an IT security team before (preferably within a start-up environment)

What we offer

• A commitment to invest in your personal growth and development in the form of courses, conferences, book allowance and more
• The opportunity to learn about app development by playing a crucial role in the mobile development process for the world’s most successful companies
• The security of working in a financially stable, growing company with an ever-expanding global customer base
• A modern, recently renovated office environment optimized for comfort and collaboration, stocked with the latest tech*
• The opportunity to travel the world to meet, learn from, and connect to end-users at conferences and meetings, as well as the chance to occasionally work from one of our international offices.*

Dear Applicant, please note that due to COVID-19, our team is completely remote (included the interview process) in all locations until we truly feel that working from the office is a super safe and risk-free solution for our colleagues. As our Bitrisers’ health and protection are so important for us the travel opportunities and global in-person team building events are on hold for a while. 

About Bitrise
Bitrise is a mobile DevOps platform and a mobile CI/CD service. It’s where tens of thousands of mobile teams build, test and deploy their apps, including companies such as Transferwise (now “WISE”), Virgin Mobile, Grindr, Tonal, Compass, Mozilla, Philips Hue, Babbel and others. With customers ranging from startups and mobile unicorns to centuries-old enterprises, applications built, tested, and deployed through Bitrise have made their way to billions of end users around the world. Chances are, you have at least some of those apps on your phone right now. We’re proud Y-combinator alumni.
#LI-Remote