BCG - Boston Consulting Group
Senior Security Engineer
Location:
Geography:
Capabilities:
Industries:
Who We Are
Boston Consulting Group partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. BCG was the pioneer in business strategy when it was founded in 1963. Today, we work closely with clients to embrace a transformational approach aimed at benefiting all stakeholders—empowering organizations to grow, build sustainable competitive advantage, and drive positive societal impact.
Our diverse, global teams bring deep industry and functional expertise and a range of perspectives that question the status quo and spark change. BCG delivers solutions through leading-edge management consulting, technology and design, and corporate and digital ventures. We work in a uniquely collaborative model across the firm and throughout all levels of the client organization, fueled by the goal of helping our clients thrive and enabling them to make the world a better place.
Practice Area Profile
What You'll Do
POSITION SUMMARY:
As a Senior Security Engineer, you will be responsible for identifying risks issues associated with products, establishing security and privacy protocols specific to GAMMA, and serving as coordinating and compliance function for GAMMA. This person will lead and drive GAMMA’s overall information security and compliance agenda- ensuring we meet corporate standards, covering initiatives with product teams and internal GAMMA functions and infrastructure, and sharing best practices across the enterprise Your strong analytical skills and ability to develop innovative problem solving solutions will support mission critical decision analytics for our clients. We are looking for talented individuals with a serious commitment to security, software development, data science, large data analytics and transforming organizations into analytics led innovative companies. As a new division in process of creating an innovative platform, we have many opportunities available throughout our GAMMA team.
RESPONSIBILITIES:
• Understand the business, strategy, and information security requirements, implement information security standards, conduct system security and vulnerability analyses and risk assessments, recommend secure architecture aligned to business architecture, and identify/drive remediation of integration issues.
• Expert Role in Client Projects
• Global coordination and alignment with engineering and IT Teams across GAMMA and BCG
• Work with BCG and GAMMA product, engineering, IT, and legal teams to improve BU security position, compliance and risk management
• Share best practices in information security between product & functional teams and across GAMMA
• Interact with stakeholders and possess the ability to influence direction, articulate risks and sell secure solutions/roadmaps
• Document and execute the internal risk analysis process and 3rd party risk process for business partners, affiliates, subsidiaries, and recommend appropriate mitigation to ensure protection of corporate information assets
• Provides expert knowledge of information security solutions and applications, as well as good information security methodologies in the software development life cycle
• Operate the internal and external security regulatory compliance framework and audit processes (e.g. ISO 27001, PCI, HIPAA, SOX, GDPR, GLBA, etc.) and regularly report metrics to the GAMMA leadership team and BCG more broadly
• Partner with internal and external designers & engineers to ensure security requirements for products, data, infrastructure, and cloud services
• Review contracts to ensure appropriate data safeguards are included
• Partner with BCG’s Risk Function leaders to ensure latest guidance is implemented and collaborate with risk and ABM relevant managers to ensure cross pollination of best practices
• Works with the enterprise Cyber Security Incident Response Team in information security events and incidents affecting GAMMA
What You'll Bring (Experience & Qualifications)
REQUIREMENTS:
• Bachelor’s degree required; preferred focus on Information Technology, CS/Engineering, Economics, or Business
• 5+ years of experience as a security engineer in a software development/product or consulting firm
• Knowledge in developing and maintaining information security policy, standards and guidelines
• Experience with PII (Personally Identifiable Information) and Data Laws as used in information security and privacy laws
• Experience with data security, proper policy and governance along with BRP and DRP strategies.
• Strong written and verbal communications skills; must be able to communicate highly complex and technical concepts and information risk to business leaders to aid them in making informed risk decisions.
• Conceptual understanding over multiple security subject areas and applied experience; Technical background in Security and Risk Management
• Must have experience overseeing compliance efforts and experience with business risk management with the ability to communicate the balance between strong security and business realities
• IT security certifications (CISSP, CISM, CISA, GIAC, CEH or similar)
• Possess or have the ability to acquire a DOD Secret Security Clearance.
Preferred Skills:
• Experience with Hashicorp Vault, Terraform & Consul
• Exposure to analytics applications or experience building analytics tools
• Familiarity with the storage, manipulation and management of relational, non-relational and streaming data structures
• Analytic reasoning and complex problem solving involving mathematical programming and big data problems
• Understanding of parallel computing
TECHNOLOGIES:
• Programming Languages: Python, C++, Java
• DevOps: Docker, Kubernetes, CI/CD, Terraform, unix-based command line
• Data: SQL, Spark, Hadoop
• Containers, Kubernetes (managed versions AKS, EKS, GKE)
• Cloud: AWS/Azure/Google
WORK ENVIRONMENT:
• Fast-paced, intellectually intense, service-oriented environment
• Position has the ability to be local to the following North American regions: New York City, Boston, Washington D.C., Seattle, Los Angeles, San Francisco, or Chicago
• International and regional travel will be required to worldwide BCG offices with product team presence and in connection with team meetings (up to 60%).
• BCG’s Personalized Staffing Model is designed to give you the optimal balance of support and opportunity within our robust network. A dedicated staffer in your region will work closely with you to understand your needs, goals, and preferences and to identify case experiences that satisfy these while also addressing business and client demands. With each case, you’ll explore a different set of challenges while gaining invaluable exposure and experience as well as extensive coaching and mentorship.
• BCG is deeply committed to supporting your individual development and ensuring you integrate fully into the BCG System and culture. You will be assigned a BCG GAMMA Career Development Committee advisor who will also help with your integration, annual planning, and career development. We expect that locally, you will fully participate in the numerous staff meetings, trainings and team building activities scheduled throughout the year in the office.
Date Posted:
Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in a manner consistent with applicable state and local laws.
BCG is an E-Verify Employer. Click here for more information on E-Verify.