Principal Vulnerability Researcher



Multiple locations
Posted on Wednesday, September 20, 2023

Bitsight is a cyber risk management leader transforming how companies manage exposure, performance, and risk for themselves and their third parties. Companies rely on Bitsight to prioritize their cybersecurity investments, build greater trust within their ecosystem, and reduce their chances of financial loss.
Built on over a decade of technological innovation, its integrated solutions deliver value across enterprise security performance, digital supply chains, cyber insurance, and data analysis.

  • We invented the cyber ratings industry in 2011
  • Over 3000 customers trust Bitsight
  • Over 750 teammates are dispersed throughout Boston, Raleigh, New York, Lisbon, Singapore, Argentina, and remote

You will be a member of the BitSight security data research team. The main goal of the team is to provide BitSight with subject matter expertise in cyber security, and it is focused primarily on the analysis of new vulnerabilities and on supporting the threat research efforts. In addition, you will collaborate with fellow internal and external researchers, data scientists, and product and engineering groups to support and develop new data sets and analytical capabilities.

Primary Duties:

  • Help BitSight maintain the most accurate and up-to-date global visibility on new vulnerabilities;
  • Help BitSight maintain global visibility over the current threat landscape.

Operational Duties:

  • Keep up with newly published vulnerabilities;
  • Understand the technical details of the published vulnerabilities as well as their real risk;
  • Build scripts and software modules to verify the presence of vulnerabilities;
  • Effectively communicate the vulnerability impact;
  • Reverse-engineer vulnerability patches in order to better understand certain vulnerabilities;
  • Assist in analysing data from internet scanning tools in order to validate its accuracy;
  • Assist in the development of tools to improve vulnerability or threat research.

Experience, Skills and Knowledge:

  • Fast learner and motivated;
  • Must be particularly interested in cybersecurity;
  • BSc or MSc is desirable;
  • Comfortable working in Windows, OS X, Linux and Android environments;
  • Technical knowledge of network protocols and security concepts;
  • Comfortable with at least one programming language, ideally Python.

Diversity. Bitsight is proud to be an equal opportunity employer. This means we do not tolerate discrimination of any kind and are committed to providing equal employment opportunities regardless of your gender identity, race, nationality, religion, sexual orientation, status as a protected veteran, or status as an individual with a disability.

Culture. We put our people first. Bitsight offers best-in-class benefits. We devote the same energy to nurturing our company's inclusive culture as we apply to serving our customers' needs. Working at Bitsight will give you the opportunity to fulfill your professional goals and expand your skills.

Open-minded. If you got to this point, we hope you’re feeling excited about the job description you just read. Even if you don’t feel that you meet every single requirement, we still encourage you to apply. We’re eager to meet people that believe in Bitsight’s mission and can contribute to our team in a variety of ways.

Additional Information for United States of America Applicants:

Bitsight also provides reasonable accommodations to qualified individuals with disabilities or based on a sincerely held religious belief in accordance with applicable laws. If you need to inquire about a reasonable accommodation, or need assistance with completing the application process, please email . This contact information is for accommodation requests only, and cannot be used to inquire about the status of applications.

Qualified applicants with criminal histories will be considered for employment consistent with applicable law.

This position may be considered a promotional opportunity pursuant to the Colorado Equal Pay for Equal Work Act.