The Boston Consulting Group - Chicago, IL
posted 11 days ago
Full-time - Mid Level
Chicago, IL
Professional, Scientific, and Technical Services
About the position
As a Cybersecurity Senior Consultant at BCG Platinion, you'll be given end-to-end responsibility for an individual 'module' within a BCG client engagement and begin to develop specialized knowledge to help you solve our clients' problems. You'll work on a variety of cybersecurity and digital risk topics, applying generalist consulting skills to strategic cybersecurity & digital risk questions. We are looking for someone who can address our clients' strategic, organizational, managerial, and operational issues using the most advanced cybersecurity methodologies, tools, and techniques.
Responsibilities
- Understand the role technology plays in enabling businesses to execute their strategies and decomposing the cybersecurity implications of this relationship.
- Analyze cybersecurity standards, regulatory requirements, and best practices and translate that into a meaningful set of recommendations tailored to a client's unique environment and circumstances.
- Communicate complex and technical concepts in a concise and business value-centric written form.
- Implement cybersecurity transformation and culture change initiatives.
- Conduct cybersecurity assessments including gap analysis and roadmap development in multiple contexts, including organizations, product development, and cloud security.
- Develop cybersecurity strategies, policies, processes, and procedures to protect clients' internal infrastructure and their customers.
- Understand data protection, data security, and privacy drivers that influence organizations today.
- Develop cybersecurity business strategies for technology product vendors that are integrated in the organizations overall business strategy and increase revenue and profits.
- Work with leadership teams, including facilitating board and senior management cybersecurity awareness workshops.
- Embed product security and DevSecOps practices into the software development lifecycles, system designs, and IT architectures.
- Utilize cyber risk quantification to reduce uncertainty around cyber risk and improve executive decision making.
- Create and facilitate table-top exercises.
- Deliver operational resilience through incident response, business continuity, and disaster recovery planning.
Requirements
- 4+ years of practical experience in cybersecurity consulting or cybersecurity management (with teams of five persons or more) in a variety of sectors and contexts.
- BS in cybersecurity, information systems, mathematics, natural sciences, business management, or similar degree.
- Hands-on experience with, or extensive knowledge of developing cybersecurity strategies or policies.
- Quantifying and managing cybersecurity risk.
- Leading security assessments.
- Designing, transforming, implementing, and running cybersecurity programs.
- Developing security architectures.
- Integrating security into applications and systems.
- Implementing cloud security.
- Managing cybersecurity risk arising from third parties and the supply chain.
- Designing / implementing identity and access management.
- Developing and upskilling a cybersecurity workforce.
- Delivering cybersecurity culture change, awareness, and training.
- Performing continuous monitoring activities such as using SIEM tools, APT hunting, implementing UBA, etc.
- Designing / implementing vulnerability management, including conducting vulnerability assessments.
- Performing penetration testing, incident management, BCP, and/or DRP.
Nice-to-haves
- Broad knowledge of cybersecurity technologies throughout organizational and acquisition lifecycle.
- Working knowledge of at least two different cybersecurity frameworks: NIST Cybersecurity Framework, C2M2, NIST SP 800-53 and companion publications, ISO/IEC 27000 family of standards, Cloud Security Alliance CCM.
Benefits
- Zero-dollar ($0) health insurance premiums for BCG employees, spouses, and children.
- $10 (USD) copays for trips to the doctor, urgent care visits and prescriptions for generic drugs.
- Dental coverage, including up to $5,000 (USD) in orthodontia benefits.
- Vision insurance with coverage for both glasses and contact lenses annually.
- Reimbursement for gym memberships and other fitness activities.
- Fully vested retirement contributions made annually, whether you contribute or not.
- Generous paid time off including vacation, holidays, and annual office closure between Christmas and New Years.
- Paid Parental Leave and other family benefits such as elective egg freezing, surrogacy, and adoption reimbursement.
