BitSight is transforming how companies manage information security risk with objective, verifiable and actionable Security Ratings. BitSight’s platform continuously analyzes vast amounts of external data on security issues and behaviors in order to help organizations manage third party risk, underwrite cyber insurance policies, benchmark performance, conduct M&A due diligence and assess aggregate risk. Fifty percent of the world’s cyber insurance premiums are underwritten by BitSight customers, all 4 of the Big 4 accounting firms use BitSight, and 4 of the top 5 investment banks rely on our solution to manage cyber risks.
This position is part of our Security Research team, and as a security researcher you will focus on data analysis and research that develops and drives forward product capabilities. In addition, you will collaborate with fellow internal and external researchers, data scientists, product and engineering groups to support and develop new data sets and analytical capabilities. You will also have opportunities to participate in marketing initiatives to share research results and promote market awareness through blogs and conferences.
Objectives & Responsibilities
- Perform data analysis on internal and external data sets, with the purpose of understanding new and existing ways to gain information about the cybersecurity risk profiles of companies and organizations relevant to further product development.
- Design and research new methods for collection and the applications of data to introduce new product features or serve as enhancements to existing features based on prior research.
- Draft new feature and enhancement functional specifications, and collaborate with product and engineering groups to implement and deliver changes.
- Develop and present prototypes to key stakeholders within the organization to further innovation and shape the product roadmap.
- Establish a strong understanding of how data records are collected and what they imply, becoming a subject matter expert in our observables.
- Have a high attention to detail and ability to assure data quality by developing methods for data curation, cleaning, and modeling.
- Be contextually aware of changes in first-party and third-party data feeds, and capable of suggesting enhancements to shape the data collection roadmap.
- Review and provide feedback on product and research content produced by other members of the data & research teams.
- Conduct research, writing, and presentations in support of marketing activities, and customer engagements to promote key findings, capabilities, and explain data and ratings concepts.
- Strong technical background with expertise in networking and computer and network security, including knowledge of a variety of L3 to L5 protocols, cryptography, and applications
- Experience in enterprise system administration and security operations teams desired.
- Capable of being self-motivated and operating autonomously on projects, or with others in a team.
- Strong communication and analytical skills, including ability to identify and solve ambiguous problems.
- Proficient with programming languages, such as Python, Java, and/or Scala.
- Prior experience and/or willing to learn big data processing technologies and languages such as Hadoop / Spark.
- Ability to conduct statistical experiments and develop rapid prototypes.
- Ownership mentality and entrepreneurial drive.
Masters, PhD, or commensurate professional experience.
About the Company
Based in Boston, MA with additional offices in Raleigh, NC; Lisbon, PT; and Tel Aviv, IL; the company is the pioneer and leader in the security ratings market delivering ratings solutions for third-party risk management, benchmarking, and cyber insurance.