Boston Consulting Group
Enterprise Security Service Director - BCG FED
Boston Consulting Group, Washington, Washington, D.C., United States,
Locations : Washington | BostonWho We AreBCG pioneered strategy consulting more than 50 years ago, and we continue to innovate and redefine the industry. We offer multiple career paths for the world's best talent to have a real impact on business and society.
As part of our team, you will benefit from the breadth and diversity of what we are doing today and where we are headed next. We count on your authenticity, exceptional work, and strong integrity. In return we are committed to supporting you in discovering the most fulfilling career journey possible-and unlocking your potential to advance the world.
Our team called Global Services (GS) provides corporate support to business areas such as Finance, Legal, HR, Marketing and IT. This diverse team of experts, operators and specialists represent all levels from Partner to entry level staff, operating across the globe in multiple countries. Global Services is in short, the backbone of BCG.
What You'll DoThe BCG Federal Organization is seeking a skilled and proactive Enterprise Security Service Director to oversee and manage comprehensive security operations that safeguard the organization’s digital and physical assets. In this role, you will be responsible for directing a wide range of security measures, ensuring the robustness and resilience of our IT infrastructure in alignment with industry standards and best practices, particularly NIST 800-171 and CMMC guidelines.
As the Enterprise Security Service Director, you will lead critical functions including vulnerability management, penetration testing, and business continuity planning. You will oversee Data Loss Prevention (DLP) strategies and encryption practices to secure sensitive data. Additionally, you will develop and enforce data classification policies, ensure the effective management of the data lifecycle, and lead our compliance and governance efforts. Your leadership will be instrumental in ensuring that all security measures are proactive, compliant, and aligned with our organizational objectives.Your duties will include:Vulnerability Management & Patch Governance: Direct and enhance the organization's capabilities in identifying, assessing, and mitigating vulnerabilities. Oversee the development and implementation of a systematic patch management strategy to ensure timely updates and compliance with industry standards.
Penetration Testing & Red Team Program:
Lead and manage penetration testing initiatives to identify security weaknesses before they can be exploited. Additionally, supervise the red team operations designed to simulate real-world attacks to test and improve the organization's defenses.
Business Continuity & Disaster Recovery Governance: Develop and maintain policies and procedures to ensure that the organization can continue operating and quickly recover in the event of a disruption or disaster. This includes regular updates and tests of disaster recovery plans to ensure effectiveness.
Data Loss Prevention (DLP) and Encryption: Implement and manage DLP strategies to protect sensitive data from loss or unauthorized access. Additionally, oversee the encryption practices to secure data at rest, in motion, and in use.
Data Classification: Lead the development and enforcement of policies for classifying data based on sensitivity and compliance requirements to ensure that protective measures align with the potential risks.
What You'll Bring10+ years of experience in information security
5+ years leading cross-functional teams and managing security initiatives in complex environments.
3+ years of:Data Classification technical capabilities and strategies
Encryption and Data Loss Prevention (DLP) experience
Experience with Business Continuity to include backup capabilities
Knowledge of security issues, trends and best practices
Experience with Microsoft Azure and O365
U.S. Citizenship required
Ability to obtain and maintain a Secret Security Clearance
Who You'll Work WithBCG’s information technology group collaboratively delivers the latest digital technologies that enable our consultants to lead and our business to grow. For our IT jobs, we seek individuals with expertise in the areas of IT infrastructure, application development, business systems, collaborative and social technologies, information security, and project leadership.
Additional infoFormat:At BCG, our people and relationships are at the heart of everything we do. We believe that in-person work is essential to our culture, mentorship, and professional development. That's why we operate on a hybrid model, with the expectation that team members will be in the office 3 to 5 days per week. This role is designed for those who thrive in a dynamic, collaborative environment and is not intended for remote or virtual work.
CompensationTotal compensation for this role includes base salary, annual discretionary performance bonus, contributions to BCG’s Profit Sharing and Retirement Fund (PSRF), and a market leading benefits package described below.
Some local governments in the United States require job postings to include a reasonable estimate of base compensation. We expect your total annualized compensation to be approximately the following:In Washington D.C. the base salary is between $178,000-217,000 (USD); placement within this range will vary based on experience and skill level
In other locations, competitive pay is commensurate with the role and geography
Annual discretionary performance bonus between 0-30%
5% Profit Sharing Retirement Fund (PSRF) contribution, increasing to 10% after two years of service. Contributions are vested immediately and there is no waiting period
All of our plans provide best in class coverage:Zero dollar ($0) health insurance premiums for BCG employees, spouses, and children
Low $10 (USD) copays for trips to the doctor, urgent care visits and prescriptions for generic drugs
Dental coverage, including up to $5,000 in orthodontia benefits
Vision insurance with coverage for both glasses and contact lenses annually
Reimbursement for gym memberships and other fitness activities
Fully vested Profit Sharing Retirement Fund contributions made annually, whether you contribute or not, plus the option for employees to make personal contributions to a 401(k) plan
Paid Parental Leave and other family benefits such as elective egg freezing, surrogacy, and adoption reimbursement
Generous paid time off including 12 holidays per year, an annual office closure between Christmas and New Years, and 15 vacation days per year (earned at 1.25 days per month)
Paid sick time on an as needed basis
*Employees, spouses, and children are covered at no cost. Employees share in the cost of domestic partner coverage.
Other
U.S. citizenship required. Dual citizens may be subject to additional eligibility requirements.
Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in a manner consistent with applicable state and local laws.
BCG is an E - Verify Employer.
Click here
for more information on E-Verify.
As part of our team, you will benefit from the breadth and diversity of what we are doing today and where we are headed next. We count on your authenticity, exceptional work, and strong integrity. In return we are committed to supporting you in discovering the most fulfilling career journey possible-and unlocking your potential to advance the world.
Our team called Global Services (GS) provides corporate support to business areas such as Finance, Legal, HR, Marketing and IT. This diverse team of experts, operators and specialists represent all levels from Partner to entry level staff, operating across the globe in multiple countries. Global Services is in short, the backbone of BCG.
What You'll DoThe BCG Federal Organization is seeking a skilled and proactive Enterprise Security Service Director to oversee and manage comprehensive security operations that safeguard the organization’s digital and physical assets. In this role, you will be responsible for directing a wide range of security measures, ensuring the robustness and resilience of our IT infrastructure in alignment with industry standards and best practices, particularly NIST 800-171 and CMMC guidelines.
As the Enterprise Security Service Director, you will lead critical functions including vulnerability management, penetration testing, and business continuity planning. You will oversee Data Loss Prevention (DLP) strategies and encryption practices to secure sensitive data. Additionally, you will develop and enforce data classification policies, ensure the effective management of the data lifecycle, and lead our compliance and governance efforts. Your leadership will be instrumental in ensuring that all security measures are proactive, compliant, and aligned with our organizational objectives.Your duties will include:Vulnerability Management & Patch Governance: Direct and enhance the organization's capabilities in identifying, assessing, and mitigating vulnerabilities. Oversee the development and implementation of a systematic patch management strategy to ensure timely updates and compliance with industry standards.
Penetration Testing & Red Team Program:
Lead and manage penetration testing initiatives to identify security weaknesses before they can be exploited. Additionally, supervise the red team operations designed to simulate real-world attacks to test and improve the organization's defenses.
Business Continuity & Disaster Recovery Governance: Develop and maintain policies and procedures to ensure that the organization can continue operating and quickly recover in the event of a disruption or disaster. This includes regular updates and tests of disaster recovery plans to ensure effectiveness.
Data Loss Prevention (DLP) and Encryption: Implement and manage DLP strategies to protect sensitive data from loss or unauthorized access. Additionally, oversee the encryption practices to secure data at rest, in motion, and in use.
Data Classification: Lead the development and enforcement of policies for classifying data based on sensitivity and compliance requirements to ensure that protective measures align with the potential risks.
What You'll Bring10+ years of experience in information security
5+ years leading cross-functional teams and managing security initiatives in complex environments.
3+ years of:Data Classification technical capabilities and strategies
Encryption and Data Loss Prevention (DLP) experience
Experience with Business Continuity to include backup capabilities
Knowledge of security issues, trends and best practices
Experience with Microsoft Azure and O365
U.S. Citizenship required
Ability to obtain and maintain a Secret Security Clearance
Who You'll Work WithBCG’s information technology group collaboratively delivers the latest digital technologies that enable our consultants to lead and our business to grow. For our IT jobs, we seek individuals with expertise in the areas of IT infrastructure, application development, business systems, collaborative and social technologies, information security, and project leadership.
Additional infoFormat:At BCG, our people and relationships are at the heart of everything we do. We believe that in-person work is essential to our culture, mentorship, and professional development. That's why we operate on a hybrid model, with the expectation that team members will be in the office 3 to 5 days per week. This role is designed for those who thrive in a dynamic, collaborative environment and is not intended for remote or virtual work.
CompensationTotal compensation for this role includes base salary, annual discretionary performance bonus, contributions to BCG’s Profit Sharing and Retirement Fund (PSRF), and a market leading benefits package described below.
Some local governments in the United States require job postings to include a reasonable estimate of base compensation. We expect your total annualized compensation to be approximately the following:In Washington D.C. the base salary is between $178,000-217,000 (USD); placement within this range will vary based on experience and skill level
In other locations, competitive pay is commensurate with the role and geography
Annual discretionary performance bonus between 0-30%
5% Profit Sharing Retirement Fund (PSRF) contribution, increasing to 10% after two years of service. Contributions are vested immediately and there is no waiting period
All of our plans provide best in class coverage:Zero dollar ($0) health insurance premiums for BCG employees, spouses, and children
Low $10 (USD) copays for trips to the doctor, urgent care visits and prescriptions for generic drugs
Dental coverage, including up to $5,000 in orthodontia benefits
Vision insurance with coverage for both glasses and contact lenses annually
Reimbursement for gym memberships and other fitness activities
Fully vested Profit Sharing Retirement Fund contributions made annually, whether you contribute or not, plus the option for employees to make personal contributions to a 401(k) plan
Paid Parental Leave and other family benefits such as elective egg freezing, surrogacy, and adoption reimbursement
Generous paid time off including 12 holidays per year, an annual office closure between Christmas and New Years, and 15 vacation days per year (earned at 1.25 days per month)
Paid sick time on an as needed basis
*Employees, spouses, and children are covered at no cost. Employees share in the cost of domestic partner coverage.
Other
U.S. citizenship required. Dual citizens may be subject to additional eligibility requirements.
Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in a manner consistent with applicable state and local laws.
BCG is an E - Verify Employer.
Click here
for more information on E-Verify.