Modern Defense: Oversee security across endpoints, IAM, cloud infrastructure (AWS/Azure), SaaS applications, and data protection programs. Lead incident response, threat detection, and vulnerability management.
Secure-by-Design: Drive security architecture practices in close partnership with Engineering, Product, and Product Security teams.
Operational Resilience: Lead enterprise risk assessments, mitigation planning, third-party risk, and business continuity initiatives.
Product Influence & Customer Trust
Cross-Functional Execution: Partner closely with Engineering, Product, IT, Legal, GRC, People, Finance, and Go-To-Market teams to operationalize security initiatives across the business.
Strategic Customer Engagement: Serve as an executive security sponsor in high-value customer, prospect, partner, and renewal conversations. Support customer trust initiatives, security reviews, audits, and executive briefings.
Product & Research Alignment: Partner with Product and Research teams to inform Bitsight's strategy around AI-powered cyber risk, emerging threat behaviors, and how customers can better understand and manage exposure in a changing threat environment.
Security Governance & Executive Leadership
Executive Advisory: Translate complex technical telemetry and AI-driven threats into clear business risk, options, and actionable guidance for the CEO, CFO, and Board.
Program Maturity: Establish security KPIs, metrics, and reporting frameworks to measure program effectiveness, operational maturity, and business impact.
Compliance & Governance: Partner closely with Legal, Privacy, and GRC to ensure rigorous adherence to SOC 2, ISO 27001, NIST, privacy obligations, and emerging global AI regulations.
Industry Leadership & External Engagement
Market Voice & Ambassadorship: Serve as one of the public faces of Bitsight's security and AI strategy, representing the company with customers, analysts, industry groups, reg
Benefits
Remote work options
Additional Information
Bitsight is a cyber risk management leader transforming how companies manage exposure, performance, and risk for themselves and their third parties. Companies rely on Bitsight to prioritize their cybersecurity investments, build greater trust within their ecosystem, and reduce their chances of financial loss.
Built on over a decade of technological innovation, its integrated solutions deliver value across enterprise security performance, digital supply chains, cyber insurance, and data analysis.
We invented the cyber ratings industry in 2011
Over 3000 customers trust Bitsight
Over 750 teammates are dispersed throughout Boston, Raleigh, New York, Lisbon, Singapore, and remote
Reports to: CFO. Serves as a key advisor to the CEO, with regular engagement with the Audit & Risk Committee and the Board of Directors on enterprise risk and cybersecurity posture.
Direct Partners: CTO, CPO, Head of Marketing, Head of People
The Objective
We are seeking a strategic, operationally rigorous, and commercially engaged CISO who views security not as a cost center, but as a product differentiator and a catalyst for global trust. You will protect our enterprise value by securing our global infrastructure, while simultaneously building enterprise value by acting as a peer-level advisor to our customers, influencing our product roadmap, and defining how AI transforms cyber risk management.
Role Overview
Bitsight is seeking a Chief Information Security Officer to lead and evolve our global security program. This role is both inward-facing and outward-facing, requiring a leader who can balance internal enterprise defense with external market influence.
Internal Defense & Cross-Functional Partnership: You will be responsible for protecting Bitsight's internal systems, infrastructure, employees, products, and data. You will partner closely with executive leadership, Product, Engineering, Legal, IT, GRC, People, and customer-facing teams to continuously strengthen our security posture.
Market Voice & Customer Trust: You will serve as a trusted security voice with customers, partners, analysts, media, and the broader cybersecurity community.
AI-Powered Risk Strategy: Combining deep technical and operational security expertise with strong business acumen and executive presence, you will play a critical role in shaping Bitsight's perspective on how organizations can understand, measure, and reduce cyber risk in an environment increasingly influenced by AI-driven threats.