Staff Threat Researcher

Bitsight is a cyber risk management leader transforming how companies manage exposure, performance, and risk for themselves and their third parties. Companies rely on Bitsight to prioritize their cybersecurity investments, build greater trust within their ecosystem, and reduce their chances of financial loss.
Built on over a decade of technological innovation, its integrated solutions deliver value across enterprise security performance, digital supply chains, cyber insurance, and data analysis.

• We invented the cyber ratings industry in 2011
• Over 3000 customers trust Bitsight
• Over 750 teammates are dispersed throughout Boston, Raleigh, New York, Lisbon, Singapore, and remote

Bitsight’s Threat Research team develops and deploys strategies to discover systems compromised by malware and potentially unwanted applications through in depth research and analysis of malware families and infrastructure. As a Staff Threat Researcher, you will research how threats target systems and derive novel mechanisms to infer infections and trends in the threat landscape from our sensor networks. The output of your work will directly improve the world’s largest malware infections tracking system. This is one of the biggest differentiators of Bitsight, as its volume, accuracy and data quality allow for a unique capability when measuring security ratings.

We are looking for candidates who are passionate about cybersecurity and are able to research a threat with limited supervision, derive datasets in meaningful intelligence, develop tools and scripts to assist in threat hunting and tracking.

Objectives & Responsibilities

• Keep up to date with the current and past threat landscape to infer detection patterns from multiple data sources;

• Develop software prototypes of network telemetry data collection systems;

• Conduct exploratory data analysis on network and security telemetry datasets;

• Create malware traffic detection signatures based on network communication patterns;

• Research and evaluate methods of inferring security properties from network telemetry data;

• Help design and  implement threat data collection pipelines;

• Carefully document decisions and observations made during research;

• Lead complex malware Research initiatives;

• Lead the Research and implementation of novel malware artifact collection techniques;

• Act as a mentor to less experienced team members.

Qualifications

• Academic background (BSc or MSc) in cybersecurity, computer science, or similar technological field; or relevant professional experience;

• Previous experience with malware analysis;

• Deep understanding about modern malware infrastructure and operation;

• Familiarity with detection engineering;

• Expert level knowledge in reverse engineering Windows, Linux, Android, MacOS or iOS Operating Systems;  

• Hands on experience with malware tracking techniques such as sinkholing

• Experience with public cloud platforms such as AWS and GCP and container technologies such as Docker;

• Proficient in standard scripting languages;

• Strong communication and analytical skills, including the ability to identify and solve ambiguous problems;

• Previous work experience in Cybersecurity technical or operational teams is a plus.

Education

• BSc or MSc in cybersecurity, computer science, or similar technological field; or relevant professional experience;

• Relevant industry certifications are a plus.

Diversity. Bitsight is proud to be an equal opportunity employer. This means we do not tolerate discrimination of any kind and are committed to providing equal employment opportunities regardless of your gender identity, race, nationality, religion, sexual orientation, status as a protected veteran, or status as an individual with a disability.

Culture. We put our people first. Bitsight offers best in class benefits. We devote the same energy to nurturing our company's inclusive culture as we apply to serving our customers' needs. Working at Bitsight will give you the opportunity to fulfill your professional goals and expand your skills.

Open-minded. If you got to this point, we hope you’re feeling excited about the job description you just read.  Even if you don’t feel that you meet every single requirement, we still encourage you to apply.  We’re eager to meet people that believe in Bitsight’s mission and can contribute to our team in a variety of ways.

Additional Information for United States of America Applicants:

Bitsight also provides reasonable accommodations to qualified individuals with disabilities or based on a sincerely held religious belief in accordance with applicable laws. If you need to inquire about a reasonable accommodation, or need assistance with completing the application process, please email [email protected]. This contact information is for accommodation requests only, and cannot be used to inquire about the status of applications.

Qualified applicants with criminal histories will be considered for employment consistent with applicable law.

This position may be considered a promotional opportunity pursuant to the Colorado Equal Pay for Equal Work Act.