Boston Consulting Group
Global IT Enterprise Security Architect - Expert Director
Boston Consulting Group, Boston, Massachusetts, us, 02298
WHAT YOU'LL DOWe are seeking a strong candidate to fill the Global IT Enterprise Security Architect - Expert Director position as we work to build a Gen AI Assistant that will transform the way BCG works.
You will be working in a Security Engineering, Architecture, and Automation capacity across BCG’sglobal organization to drive and support improvements based on new and emerging trends. Thesuccessful candidate will be responsible for setting strategies for the future of BCG’s security,with a focus on Gen AI products. As a Global IT Enterprise Security Architect, you will beexpected to design and develop solutions that meet the security needs of our company, whileensuring that the solutions are scalable, efficient, and cost-effective
You will:
Address security challenges related to Generative AI, including access and encryption for storage solutions like Vector DB and Graph DB.
Work closely with Enterprise and Security Architecture teams to understand their security requirements and develop solutions that meet their needs
Perform security design and application architecture reviews using risk assessment and threat modeling (e.g., STRIDE-LM) in enterprise environments.
Develop and provide secure design patterns and secure coding advice across multiple languages and platforms, including APIs, hybrid multi-region cloud environments, and containers.
Implement Secure Software Development Life Cycle (SDLC) and DevSecOps methodologies and tooling.
Ensure compliance with regulations (e.g., GDPR, HIPAA) and industry standards (e.g., NIST SSDF, OWASP Top 10, SAMM, ASVS).
Use vulnerability scanning tools and penetration testing methodologies to identify and mitigate application weaknesses.
Implement and manage security technologies, such as Identity and Access Management (IAM) solutions and secrets management systems.
Collaborate with solution architects and engineering teams to embed security recommendations at the architectural level.
Manage projects, including technical planning, design requirements, vendor evaluations, and reporting.
Adapt to dynamic environments with changing schedules and priorities.
Conduct security reviews of network designs and implementations
Work in Agile framework
Prepare and review monthly status reports and statistics
YOU'RE GOOD AT
Securing global networks and compute environments with state-of-the-art security technology including Next-Gen Firewalls, Cloud Native Firewalls, IPS, DDOS, ACLs, and other hardware preferably with automation tools and practices to ensure consistency and repeatability
Engineering and implementation of Zero Trust remote access solutions and other 3rd Party connectivity solutions
Maintaining knowledge base and 'as built' documentation for all network security services
Changing and maintaining connectivity for Cloud Computing environments
Successfully interfacing and connecting with skilled technologists and non-technical stakeholders
Working in an Agile environment leveraging strong work management, organizational and planning skills
Negotiating and consensus building between stakeholders where competing priorities exist, providing well-honed influencing skills
Effectively handling difficult and stressful situations with poise, tact and patience, while demonstrating a sense of urgency
YOU BRING (EXPERIENCE & QUALIFICATIONS)
BA degree in computer science, Cybersecurity, or similar field preferred
10+ years design/implementation/consulting experience of distributed applications and security/compliance related work
5+ years of software development and AI/ML or related technology domain
10+ years of security/compliance related work
Minimum 7+ years of network security engineering experience with large scale implementations distributed globally
Proven experience in network and Cloud security architecture, design and best practices to support a globally distributed environment across multiple platforms such as AWS, Azure, and GCP
Experience addressing security challenges in multi-tenant data pipelines
Experience with Cloud Native technologies, such as Kubernetes, Docker, and Terraform
Strong understanding of networking protocols, including TCP/IP, HTTP/HTTPS, and DNS
Experience with NextGen and Cloud Native Firewalls, and intrusion detection/prevention systems
Excellent communication and collaboration skills
Ability to work in a fast-paced environment and manage multiple projects simultaneously
Strong organizational, written communication, problem-solving, and analytical skills
Expertise in cloud security for platforms like AWS, Azure, and Google Cloud.
Knowledge of encryption technologies and their implementation.
Ability to conduct thorough security risk assessments and develop mitigation strategies.
Experience with IAM, including SSO, access control, and user provisioning.
Familiarity with vulnerability scanning tools and interpreting results.
CISSP and other security certifications preferred
YOU'LL WORK WITHYou will be part of a global team located across Europe, Asia, and the Americas, working in a highlycollaborative environment with like-minded colleagues. If you are a passionate Global IT Enterprise Security Architect with experience in cloud security and a desire to innovate and lead the way in AI security, then we encourage you to apply for this exciting opportunity
#J-18808-Ljbffr
You will be working in a Security Engineering, Architecture, and Automation capacity across BCG’sglobal organization to drive and support improvements based on new and emerging trends. Thesuccessful candidate will be responsible for setting strategies for the future of BCG’s security,with a focus on Gen AI products. As a Global IT Enterprise Security Architect, you will beexpected to design and develop solutions that meet the security needs of our company, whileensuring that the solutions are scalable, efficient, and cost-effective
You will:
Address security challenges related to Generative AI, including access and encryption for storage solutions like Vector DB and Graph DB.
Work closely with Enterprise and Security Architecture teams to understand their security requirements and develop solutions that meet their needs
Perform security design and application architecture reviews using risk assessment and threat modeling (e.g., STRIDE-LM) in enterprise environments.
Develop and provide secure design patterns and secure coding advice across multiple languages and platforms, including APIs, hybrid multi-region cloud environments, and containers.
Implement Secure Software Development Life Cycle (SDLC) and DevSecOps methodologies and tooling.
Ensure compliance with regulations (e.g., GDPR, HIPAA) and industry standards (e.g., NIST SSDF, OWASP Top 10, SAMM, ASVS).
Use vulnerability scanning tools and penetration testing methodologies to identify and mitigate application weaknesses.
Implement and manage security technologies, such as Identity and Access Management (IAM) solutions and secrets management systems.
Collaborate with solution architects and engineering teams to embed security recommendations at the architectural level.
Manage projects, including technical planning, design requirements, vendor evaluations, and reporting.
Adapt to dynamic environments with changing schedules and priorities.
Conduct security reviews of network designs and implementations
Work in Agile framework
Prepare and review monthly status reports and statistics
YOU'RE GOOD AT
Securing global networks and compute environments with state-of-the-art security technology including Next-Gen Firewalls, Cloud Native Firewalls, IPS, DDOS, ACLs, and other hardware preferably with automation tools and practices to ensure consistency and repeatability
Engineering and implementation of Zero Trust remote access solutions and other 3rd Party connectivity solutions
Maintaining knowledge base and 'as built' documentation for all network security services
Changing and maintaining connectivity for Cloud Computing environments
Successfully interfacing and connecting with skilled technologists and non-technical stakeholders
Working in an Agile environment leveraging strong work management, organizational and planning skills
Negotiating and consensus building between stakeholders where competing priorities exist, providing well-honed influencing skills
Effectively handling difficult and stressful situations with poise, tact and patience, while demonstrating a sense of urgency
YOU BRING (EXPERIENCE & QUALIFICATIONS)
BA degree in computer science, Cybersecurity, or similar field preferred
10+ years design/implementation/consulting experience of distributed applications and security/compliance related work
5+ years of software development and AI/ML or related technology domain
10+ years of security/compliance related work
Minimum 7+ years of network security engineering experience with large scale implementations distributed globally
Proven experience in network and Cloud security architecture, design and best practices to support a globally distributed environment across multiple platforms such as AWS, Azure, and GCP
Experience addressing security challenges in multi-tenant data pipelines
Experience with Cloud Native technologies, such as Kubernetes, Docker, and Terraform
Strong understanding of networking protocols, including TCP/IP, HTTP/HTTPS, and DNS
Experience with NextGen and Cloud Native Firewalls, and intrusion detection/prevention systems
Excellent communication and collaboration skills
Ability to work in a fast-paced environment and manage multiple projects simultaneously
Strong organizational, written communication, problem-solving, and analytical skills
Expertise in cloud security for platforms like AWS, Azure, and Google Cloud.
Knowledge of encryption technologies and their implementation.
Ability to conduct thorough security risk assessments and develop mitigation strategies.
Experience with IAM, including SSO, access control, and user provisioning.
Familiarity with vulnerability scanning tools and interpreting results.
CISSP and other security certifications preferred
YOU'LL WORK WITHYou will be part of a global team located across Europe, Asia, and the Americas, working in a highlycollaborative environment with like-minded colleagues. If you are a passionate Global IT Enterprise Security Architect with experience in cloud security and a desire to innovate and lead the way in AI security, then we encourage you to apply for this exciting opportunity
#J-18808-Ljbffr