The Boston Consulting Group Senior Security Engineer in New York, New York
Location: Boston, Chicago, Los Angeles, New York, San Francisco, Seattle, Washington, D.C.
Geography: North America
Capabilities: Big data & advanced analytics, Innovation & product development, Technology & digital
Industries: Automotive & Mobility, Biopharmaceuticals, Consumer products, Education, Energy & environment, Engineered products & infrastructure, Financial institutions, Health care payers & providers, Insurance, Media & entertainment, Medical devices & technology, Metals & mining, Private equity and principal investment, Process industries & building materials, Public sector, Retail, Social sector, Technology industries, Telecommunications, Transportation, travel & tourism
WHO WE ARE
Boston Consulting Group partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. BCG was the pioneer in business strategy when it was founded in 1963. Today, we help clients with total transformation-inspiring complex change, enabling organizations to grow, building competitive advantage, and driving bottom-line impact.
To succeed, organizations must blend digital and human capabilities. Our diverse, global teams bring deep industry and functional expertise and a range of perspectives to spark change. BCG delivers solutions through leading-edge management consulting along with technology and design, corporate and digital ventures and business purpose. We work in a uniquely collaborative model across the firm and throughout all levels of the client organization, generating results that allow our clients to thrive.
PRACTICE AREA PROFILE
BCG GAMMA combines innovative skills in computer science, artificial intelligence, statistics, and machine learning with deep industry expertise. The BCG GAMMA team is comprised of world-class data scientists and business consultants who specialize in the use of advanced analytics to get breakthrough business results. Our teams own the full analytics value-chain end to end: framing new business challenges, building fact-bases, designing innovative algorithms, creating scale through designing tools and apps, and training colleagues and clients in new solutions. Here at BCG GAMMA, you ll have the chance to work with clients in every BCG region and every industry area. We are also a core member of a rapidly growing analytics enterprise at BCG - a constellation of teams focused on driving practical results for BCG clients by applying leading edge analytics approaches, data, and technology.
WHAT YOU\'LL DO
As a Senior Security Engineer, you will be responsible for identifying risks issues associated with products, establishing security and privacy protocols specific to GAMMA, and serving as coordinating and compliance function for GAMMA. This person will lead and drive GAMMA s overall information security and compliance agenda- ensuring we meet corporate standards, covering initiatives with product teams and internal GAMMA functions and infrastructure, and sharing best practices across the enterprise Your strong analytical skills and ability to develop innovative problem solving solutions will support mission critical decision analytics for our clients. We are looking for talented individuals with a serious commitment to security, software development, data science, large data analytics and transforming organizations into analytics led innovative companies. As a new division in process of creating an innovative platform, we have many opportunities available throughout our GAMMA team.
* Understand the business, strategy, and information security requirements, implement information security standards, conduct system security and vulnerability analyses and risk assessments, recommend secure architecture aligned to business architecture, and identify/drive remediation of integration issues.
* Expert Role in Client Projects
* Global coordination and alignment with engineering and IT Teams across GAMMA and BCG
* Work with BCG and GAMMA product, engineering, IT, and legal teams to improve BU security position, compliance and risk management
* Share best practices in information security between product & functional teams and across GAMMA
* Interact with stakeholders and possess the ability to influence direction, articulate risks and sell secure solutions/roadmaps
* Document and execute the internal risk analysis process and 3rd party risk process for business partners, affiliates, subsidiaries, and recommend appropriate mitigation to ensure protection of corporate information assets
* Provides expert knowledge of information security solutions and applications, as well as good information security methodologies in the software development life cycle
* Operate the internal and external security regulatory compliance framework and audit processes (e.g. ISO 27001, PCI, HIPAA, SOX, GDPR, GLBA, etc.) and regularly report metrics to the GAMMA leadership team and BCG more broadly
* Partner with internal and external designers & engineers to ensure security requirements for products, data, infrastructure, and cloud services
* Review contracts to ensure appropriate data safeguards are included
* Partner with BCG s Risk Function leaders to ensure latest guidance is implemented and collaborate with risk and ABM relevant managers to ensure cross pollination of best practices
* Works with the enterprise Cyber Security Incident Response Team in information security events and incidents affecting GAMMA
WHAT YOU\'LL BRING (EXPERIENCE & QUALIFICATIONS)
* Bachelor s degree required; preferred focus on Information Technology, CS/Engineering, Economics, or Business
* 5+ years of experience as a security engineer in a software development/product or consulting firm
* Knowledge in developing and maintaining information security policy, standards and guidelines
* Experience with PII (Personally Identifiable Information) and Data Laws as used in information security and privacy laws
* Experience with data security, proper policy and governance along with BRP and DRP strategies.
* Strong written and verbal communications skills; must be able to communicate highly complex and technical concepts and information risk to business leaders to aid them in making informed risk decisions.
* Conceptual understanding over multiple security subject areas and applied experience; Technical background in Security and Risk Management
* Must have experience overseeing compliance efforts and experience with business risk management with the ability to communicate the balance between strong security and business realities
* IT security certifications (CISSP, CISM, CISA, GIAC, CEH or similar)
* Possess or have the ability to acquire a DOD Secret Security Clearance.
The Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, protected veteran status, or any other characteristic protected under federal, state or local law, where applicable, and those with criminal histories will be considered in a manner consistent with applicable state and local laws.
Employer's Job# 10037945-10_New York
Please visit job URL for more information about this opening and to view EOE statement.