Principal Vulnerability Researcher

Reposted 23 Hours Ago
Be an Early Applicant
Lisbon, PRT
In-Office
180K-205K Annually
Expert/Leader
Big Data • Information Technology • Security • Software • Analytics • Cybersecurity
The Role
The Principal Vulnerability Researcher leads vulnerability detection initiatives, analyzing CVEs, developing detection techniques, and integrating AI/ML to enhance workflows while ensuring legal compliance and mentoring team members.
Summary Generated by Built In

Bitsight is a cyber risk management leader transforming how companies manage exposure, performance, and risk for themselves and their third parties. Companies rely on Bitsight to prioritize their cybersecurity investments, build greater trust within their ecosystem, and reduce their chances of financial loss.
Built on over a decade of technological innovation, its integrated solutions deliver value across enterprise security performance, digital supply chains, cyber insurance, and data analysis.

  • We invented the cyber ratings industry in 2011
  • Over 3000 customers trust Bitsight
  • Over 750 teammates are dispersed throughout Boston, Raleigh, New York, Lisbon, Singapore, and remote

Team Overview

The Vulnerability Research team within Bitsight’s Security Research department develops and deploys techniques to remotely detect the presence of recently disclosed vulnerabilities. These techniques are integrated into the company’s Internet scanning infrastructure, which enables Bitsight to measure the rate at which organizations patch and remediate vulnerabilities. This function is a critical input into Bitsight’s capability to assess the effectiveness of organizational security programs, as well as its ability to identify third-party vulnerability exposures in organizations’ digital supply chains. The team also enables a unique form of “vulnerability epidemiology” research, tracking the scale, impact, and organizational response for high-profile vulnerabilities.


Position Overview

As a Principal Vulnerability Researcher, you are the technical lead and primary architect for Bitsight’s global vulnerability detection capabilities. In this position, you will both write vulnerability detections yourself and oversee the detection methodology used across the entire team. You will lead the research into newly disclosed CVEs, analyze complex vulnerabilities, and develop high-fidelity remote detection techniques that feed our global scanning infrastructure.

A key part of this role is innovation through acceleration. You will leverage AWS and Google Cloud services alongside AI/Machine Learning to automate or accelerate our workflows. Operating at our scale requires a deep understanding of networking, the implications of scanning the entire Internet, a penetration testing mindset, and a rigorous commitment to legal and ethical scanning boundaries. You will ensure our telemetry is the fastest, most accurate, and most legally compliant in the industry.


Objectives & Responsibilities
  • Vulnerability & CPE Research: Lead the end-to-end research of high-impact CVEs. Reverse engineer patches and analyze network protocols to identify unique "fingerprints" for both vulnerabilities and product versions (CPEs).

  • Architecting Detection at Scale: Design and implement detection logic that runs efficiently at Internet scale, ensuring minimal false positives and maximum coverage. Ensure that every detection methodology meets the highest standards of accuracy and ethical integrity, so that novel detections are created while remaining legally compliant.

  • AI & ML Innovation: Lead the integration of Machine Learning and Large Language Models (LLMs) to accelerate vulnerability discovery, patch analysis, and the generation of high-fidelity detection logic. Identify and implement AI/ML workflows that speed up the research lifecycle.

  • Cloud-Native Telemetry: Architect and oversee the deployment of distributed scanning agents.

  • Technical Deep-Dive & Analysis: Apply advanced analytical techniques, including software reverse engineering and patch diffing (e.g., BinDiff, Ghidra), when necessary to uncover undocumented protocols or identify the root cause of high-impact vulnerabilities.

  • Red Team Mindset: Apply a penetration testing or red-teaming lens to ensure our detection methods are robust against obfuscation and reflect real-world threat actor behavior.

  • Mentorship & Influence: Provide high-level technical mentorship to Senior and Staff engineers, fostering a culture of trust, research excellence and continuous technical growth.

  • Legal Stewardship: Act as a primary steward of Bitsight’s legal scanning guidelines. Help shape and improve these guidelines to ensure our research remains "outside the box" while staying strictly within legal and ethical boundaries.

  • Executive Consultancy: Act as a subject matter expert for senior leadership, translating complex technical risks into strategic business insights regarding global threat landscapes.


Qualifications
Must-Haves (Minimum Requirements):
  • Experience: 10+ years of experience in vulnerability research, exploit development, and network-based detection, with a proven history of industry-level impact.

  • Cloud Mastery: Expert-level experience architecting and deploying security tools within AWS and/or Google Cloud, utilizing serverless, containerized (K8s), and distributed data processing services.

  • Technical Deep-Dive: Mastery of Python, SQL, the software development lifecycle (SDLC), and CI/CD best practices. Expert-level skills in static/dynamic analysis, network reconnaissance tools (e.g., Burp Suite), patch diffing (e.g., BinDiff), and disassembly tools (IDA Pro, Ghidra, Binary Ninja).

  • Systems Thinking: Ability to solve highly ambiguous, "Internet-scale" problems where traditional tools fail.

  • Leadership Presence: Exceptional communication skills with the ability to influence technical direction across multiple departments and levels of the organization.


Nice-to-Have (Preferred Skills):
  • Academic Background: Master’s degree in Computer Science or a related field preferred.

  • AI/ML Proficiency: Demonstrated experience applying Machine Learning techniques (e.g., NLP for code analysis, anomaly detection, or LLM-aided reverse engineering) to automate security workflows.

  • Industry Recognition: A track record of public-facing contributions, such as CVE discoveries, whitepapers, or presentations at major security conferences (Black Hat, DEF CON, REcon, etc.).


Belonging & Inclusion. Bitsight is proud to be an equal opportunity employer. This means we do not tolerate discrimination of any kind and are committed to providing equal employment opportunities regardless of your gender identity, race, nationality, religion, sexual orientation, status as a protected veteran, or status as an individual with a disability.

Culture. We put our people first. Bitsight offers best in class benefits. We devote the same energy to nurturing our company's inclusive culture as we apply to serving our customers' needs. Working at Bitsight will give you the opportunity to fulfill your professional goals and expand your skills.

Open-minded. If you got to this point, we hope you’re feeling excited about the job description you just read. Even if you don’t feel that you meet every single requirement, we still encourage you to apply. We’re eager to meet people that believe in Bitsight’s mission and can contribute to our team in a variety of ways.

Bitsight also provides reasonable accommodations to qualified individuals with disabilities or based on a sincerely held religious belief in accordance with applicable laws. If you need to inquire about a reasonable accommodation, or need assistance with completing the application process, please email [email protected]. This contact information is for accommodation requests only, and cannot be used to inquire about the status of applications.

Additional Information for United States of America Applicants:

Bitsight is committed to compliance with all fair employment practices regarding citizenship and immigration status.

Bitsight will not discharge, discipline or in any other manner discriminate against any employee or applicant for employment because such employee or applicant has inquired about, discussed, or disclosed the compensation of the employee or applicant or another employee or applicant.

Massachusetts Applicants: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

Qualified applicants with criminal histories will be considered for employment consistent with applicable law.

This position may be considered a promotional opportunity pursuant to the Colorado Equal Pay for Equal Work Act.

The anticipated hiring base salary range for this position is US$180000 to $205000 annually for US-based employees. This range reflects the minimum and maximum target for new hire salaries for the position across all US locations, is based on a full-time work schedule, and is Bitsight’s good faith estimate as of the date of this posting. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. In addition to base salary, this role is eligible for participation in a bonus or commission plan and an equity grant. Bitsight also offers a competitive benefits package, including but not limited to medical, dental, and vision insurance; paid parental leave; flexible time off; a 401(k) plan with employee and company contribution opportunities; life and disability insurance; and tuition reimbursement.

The Company
HQ: Boston, MA
800 Employees
Year Founded: 2011

What We Do

Bitsight is a cyber risk management leader transforming how companies manage exposure, performance, and risk for themselves and their third parties. Founded in 2011, Bitsight Security Ratings Platform applies sophisticated algorithms, producing daily security ratings that range from 250 to 900, to help manage third party risk, underwrite cyber insurance policies, benchmark performance, conduct M&A due diligence and assess aggregate risk. Organizations worldwide, including seven of the top 10 cyber insurers, 20% of Fortune 500 companies, and 3 of the top 5 investment banks use BitSight’s proven Security Ratings technology on a daily basis to make integral risk and business decisions. With over 3,000 customers and the largest ecosystem of users and information, BitSight is the most widely used Security Ratings Service.

Why Work With Us

Grow your career with the company that's building the future of cybersecurity with the brightest minds working together to solve tomorrow’s challenges.
