Global Cybersecurity Manager - Governance and Compliance

Boston Consulting Group

Who We Are

Boston Consulting Group partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. BCG was the pioneer in business strategy when it was founded in 1963. Today, we help clients with total transformation-inspiring complex change, enabling organizations to grow, building competitive advantage, and driving bottom-line impact.

To succeed, organizations must blend digital and human capabilities. Our diverse, global teams bring deep industry and functional expertise and a range of perspectives to spark change. BCG delivers solutions through leading-edge management consulting along with technology and design, corporate and digital ventures—and business purpose. We work in a uniquely collaborative model across the firm and throughout all levels of the client organization, generating results that allow our clients to thrive.


What You'll Do

As a Global Information Security Manager / Global Client Assurance Services Manager within BCG's Client Assurance Services (CAS) team, you will play an important role in supporting BCG's strategic clients with their information security due diligence activities. You will work closely with Information Security, Legal, Risk, and client-facing teams to help communicate BCG's security posture, policies, and practices to clients and prospects globally.


In this role, you will contribute to the delivery of client assurance activities and support the ongoing development of CAS tools, processes, and knowledge assets that enable the team to operate effectively and consistently across BCG's client portfolio. Your key responsibilities will include:

  • Client Due Diligence Support: Serve as a key contact for clients and prospects conducting information security assessments of BCG. Respond to security questionnaires, RFPs, and audit requests; participate in client calls and workshops; and provide clear explanations of BCG's security controls, certifications, and risk management practices.
  • CAS Tool & Process Support: Support the maintenance and continuous improvement of CAS tools, templates, knowledge repositories, and automation initiatives to improve the efficiency and consistency of client assurance activities.
  • Stakeholder Collaboration: Partner closely with BCG's Information Security, Legal, Risk, Compliance, and client-facing teams to gather accurate information regarding BCG's security posture and ensure consistent and compliant responses to client inquiries.
  • Risk & Compliance Support: Support clients in understanding BCG's compliance with relevant frameworks (e.g. ISO 27001, SOC 2, GDPR, NIST) and help translate technical security concepts into business-relevant assurance responses.
  • Quality & Continuous Improvement: Support the continuous improvement of Client Assurance Services by identifying opportunities to enhance response quality, improve operational efficiency, and strengthen knowledge management. Contribute to maintaining high-quality documentation, templates, and best practices that enable consistent service delivery across client engagements.
  • Knowledge Management & Documentation: Maintain and enhance the CAS knowledge base, standard response library, and supporting documentation to ensure client assurance materials remain accurate, current, and easily accessible across the team.


What You'll Bring

  • Minimum 5–8 years of experience in information security, cybersecurity, risk management, compliance, or a related field.
  • Experience supporting client-facing information security, assurance, audit, compliance, or advisory activities.
  • Strong understanding of information security frameworks and standards including ISO 27001, SOC 2, NIST CSF, GDPR, and relevant regional data protection regulations.
  • Experience responding to client security questionnaires, due diligence requests, audits, or RFPs, with the ability to communicate technical concepts clearly to non-technical audiences.
  • Relevant professional certifications such as CISSP, CISM, CISA, Security+, or ISO 27001 Lead Auditor/Implementer are preferred.
  • Strong communication, organization, and stakeholder management skills, with the ability to collaborate effectively across global and matrixed organizations.
  • Prior experience in a professional services, financial services, technology, or consulting environment is preferred.
  • Fluent written and spoken English and German are required.


Additional info

BCG’s Client Assurance Services (CAS) team sits at the intersection of information security, client trust, and business development. We support BCG’s most important global client relationships by serving as the dedicated team that handles information security due diligence requests, security assessments, and assurance inquiries from current and prospective clients. As client expectations around data protection and cybersecurity continue to evolve, CAS plays a critical role in demonstrating BCG’s security maturity, building client confidence, and enabling BCG to win and retain strategic engagements. The team partners closely with Information Security, Legal, Risk, and client-facing teams across the firm.

Some international travel may be required for client engagements.


Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in a manner consistent with applicable state and local laws.

Como aplicar?

Para se candidatar a este emprego, você precisa autorizar em nosso site. Se você ainda não possui uma conta, registre-se.