Chief Information Security Officer (CISO)
Boston, MA - USA
Job Summary
Bitsight is a cyber risk management leader transforming how companies manage exposure, performance, and risk for themselves and their third parties. Companies rely on Bitsight to prioritize their cybersecurity investments, build greater trust within their ecosystem, and reduce their chances of financial loss.
Built on over a decade of technological innovation, its integrated solutions deliver value across enterprise security performance, digital supply chains, cyber insurance, and data analysis.
- We invented the cyber ratings industry in 2011
- Over 3,000 customers trust Bitsight
- Over 750 teammates are dispersed throughout Boston, Raleigh, New York, Lisbon, Singapore, and remote
Reports to: CFO, and serves as a key advisor to the CEO, with regular engagement with Audit & Risk Committee and Board of Directors on enterprise risk and cybersecurity posture.
Direct Partners: CTO, CPO, Head of Marketing, Head of People
The Objective
We are seeking a strategic, operationally rigorous, and commercially engaged CISO who views security not as a cost center but as a product differentiator and a catalyst for global trust. You will protect our enterprise value by securing our global infrastructure while simultaneously building enterprise value by acting as a peer-level advisor to our customers, influencing our product roadmap, and defining how AI transforms cyber risk management.
Role Overview
Bitsight is seeking a Chief Information Security Officer to lead and evolve our global security program. This role is both inward-facing and outward-facing, requiring a leader who can balance internal enterprise defense with external market influence.
Internal Defense & Cross-Functional Partnership: You will be responsible for protecting Bitsight's internal systems, infrastructure, employees, products, and data. You will partner closely with executive leadership, Product, Engineering, Legal, IT, GRC, People, and customer-facing teams to continuously strengthen our security posture.
Market Voice & Customer Trust: You will serve as a trusted security voice with customers, partners, analysts, media, and the broader cybersecurity community.
AI-Powered Risk Strategy: Combining deep technical and operational security expertise with strong business acumen and executive presence, you will play a critical role in shaping Bitsight's perspective on how organizations can understand, measure, and reduce cyber risk in an environment increasingly influenced by AI-driven threats.
Key Responsibilities
Security Operations, Risk Management & Resilience
Modern Defense: Oversee security across endpoints, IAM, cloud infrastructure (AWS/Azure), SaaS applications, and data protection programs. Lead incident response, threat detection, and vulnerability management.
AI-Native Security: Ensure our program keeps pace with a rapidly changing threat landscape, including AI-assisted phishing, GenAI attacks, and automated reconnaissance. Enable secure and responsible adoption of AI across the enterprise, balancing innovation velocity with appropriate governance, risk management, and protection of proprietary data assets. Define governance for secure enterprise AI adoption, including protecting proprietary datasets and responsible internal AI usage.
Secure-by-Design: Drive security architecture practices in close partnership with Engineering, Product, and Product Security teams.
Operational Resilience: Lead enterprise risk assessments, mitigation planning, third-party risk, and business continuity initiatives.
Product Influence & Customer Trust
Cross-Functional Execution: Partner closely with Engineering, Product, IT, Legal, GRC, People, Finance, and Go-To-Market teams to operationalize security initiatives across the business.
Strategic Customer Engagement: Serve as an executive security sponsor in high-value customer, prospect, partner, and renewal conversations. Support customer trust initiatives, security reviews, audits, and executive briefings.
Product & Research Alignment: Partner with Product and Research teams to inform Bitsight's strategy around AI-powered cyber risk, emerging threat behaviors, and how customers can better understand and manage exposure in a changing threat environment.
Security Governance & Executive Leadership
Executive Advisory: Translate complex technical telemetry and AI-driven threats into clear business risk, options, and actionable guidance for the CEO, CFO, and Board.
Program Maturity: Establish security KPIs, metrics, and reporting frameworks to measure program effectiveness, operational maturity, and business impact.
Compliance & Governance: Partner closely with Legal, Privacy, and GRC to ensure rigorous adherence to SOC 2, ISO 27001, NIST, privacy obligations, and emerging global AI regulations.
Industry Leadership & External Engagement
Market Voice & Ambassadorship: Serve as one of the public faces of Bitsight's security and AI strategy, representing the company with customers, analysts, industry groups, regulators, and media.
Industry Dialogue: Influence market understanding of how organizations can defend against AI-powered risks through better measurement, governance, prioritization, and continuous risk visibility.
Ecosystem Relationships & Thought Leadership: Build strategic relationships with fellow security leaders, analysts, regulators, and partners across the cybersecurity ecosystem.
What We're Looking For
Extensive Security Leadership: 10 years of experience in cybersecurity, information security, or risk management, including 5 years leading enterprise, corporate, or product-adjacent security organizations in high-growth SaaS, cloud, technology, or cybersecurity companies.
Program Scaling & Maturation: Proven experience building, scaling, and maturing modern security programs across cloud-native, data-rich, and globally distributed environments.
Technical & Threat Leadership: A deep, hands-on background in modern cloud-native security, including IAM, incident response, DLP, and vulnerability management. This is combined with an expert-level understanding of the evolving threat landscape, specifically AI-enabled risks such as GenAI attacks and automated reconnaissance. You bring this technical rigor together with the strategic pragmatism required to balance strict security priorities against operational realities, customer needs, and business growth.
Compliance & Governance: Strong practical experience with compliance and governance frameworks, including SOC 2, ISO 27001, NIST, and related standards.
Boston Presence: Ability to be in our Boston headquarters regularly to collaborate with the executive team and lead the local security culture.
Leadership Characteristics
Leadership, Culture & Presence: An exceptional communicator with sound judgment and the ability to serve as a steady hand during crises, combined with a deep commitment to mentorship, cross-functional collaboration, and driving a robust security culture at scale.
Risk Translation & Strategic Focus: The ability to translate complex technical risks, including AI-driven threats, into clear business impact, options, tradeoffs, and actionable guidance. Contributes credibly to product, market, and thought leadership discussions without losing focus on day-to-day operational security execution.
Market Instincts & Intellectual Curiosity: A student of how LLMs and automation are changing the adversary's playbook. Leverages this curiosity alongside strong customer-facing instincts to build trust with sophisticated security, risk, and executive buyers.
Why Bitsight
At Bitsight, you'll have the opportunity to shape the future of cybersecurity and cyber risk management while working alongside industry-leading experts. This role offers the chance to lead and mature Bitsight's internal security program while also influencing customers, partners, and the broader market. As CISO, you will help protect Bitsight, strengthen customer trust, and advance the industry's understanding of cyber risk in a world increasingly shaped by AI-enabled threats.
Belonging & Inclusion. Bitsight is proud to be an equal opportunity employer. This means we do not tolerate discrimination of any kind and are committed to providing equal employment opportunities regardless of your gender identity, race, nationality, religion, sexual orientation, status as a protected veteran, or status as an individual with a disability.
Culture. We put our people first. Bitsight offers best in class benefits. We devote the same energy to nurturing our company's inclusive culture as we apply to serving our customers' needs. Working at Bitsight will give you the opportunity to fulfill your professional goals and expand your skills.
Open-minded. If you got to this point, we hope you're feeling excited about the job description you just read. Even if you don't feel that you meet every single requirement, we still encourage you to apply. We're eager to meet people that believe in Bitsight's mission and can contribute to our team in a variety of ways.
Bitsight also provides reasonable accommodations to qualified individuals with disabilities, or based on a sincerely held religious belief, in accordance with applicable laws. If you need to inquire about a reasonable accommodation or need assistance with completing the application process, please email . This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.
Additional Information for United States of America Applicants:
Bitsight is committed to compliance with all fair employment practices regarding citizenship and immigration status.
Bitsight will not discharge, discipline, or in any other manner discriminate against any employee or applicant for employment because such employee or applicant has inquired about, discussed, or disclosed the compensation of the employee or applicant or another employee or applicant.
Massachusetts Applicants: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
Qualified applicants with criminal histories will be considered for employment consistent with applicable law.
This position may be considered a promotional opportunity pursuant to the Colorado Equal Pay for Equal Work Act.
The anticipated hiring base salary range for this position is US $280,000 to $375,000 annually for US-based employees. This range reflects the minimum and maximum target for new hire salaries for the position across all US locations, is based on a full-time work schedule, and is Bitsight's good faith estimate as of the date of this posting. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or addition to base salary this role is eligible for participation in a bonus or commission plan and an equity grant. Bitsight also offers a competitive benefits package, including but not limited to medical, dental, and vision insurance; paid parental leave; flexible time off; a 401(k) plan with employee and company contribution opportunities; life and disability insurance; and tuition reimbursement.
Required Experience:
Chief