Cybersecurity Manager

Boston Consulting Group

Who We Are

Boston Consulting Group partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. BCG was the pioneer in business strategy when it was founded in 1963. Today, we help clients with total transformation-inspiring complex change, enabling organizations to grow, building competitive advantage, and driving bottom-line impact.

To succeed, organizations must blend digital and human capabilities. Our diverse, global teams bring deep industry and functional expertise and a range of perspectives to spark change. BCG delivers solutions through leading-edge management consulting along with technology and design, corporate and digital ventures—and business purpose. We work in a uniquely collaborative model across the firm and throughout all levels of the client organization, generating results that allow our clients to thrive.


What You'll Do

You will join BCG’s Security Operations team within Information Security and Risk Management, focused on Attack Surface Management. In this role, you will help protect BCG’s global multi-cloud environment by leading cloud security posture operations, translating complex findings into clear risk narratives, and driving risk-based remediation at scale.

You will serve as a technical authority across cloud security operations, working across AWS, Azure, and Google Cloud. You will look beyond scanner severity to understand exploitability, attack paths, blast radius, and business impact, helping teams fix the right issues in the right order.


You will:

  • Lead triage, risk assessment, and response decisions across CNAPP capabilities, including CSPM, CIEM, KSPM, CWPP, IaC security, secrets detection, SCA/SBOM, API security posture, and external attack surface management.
  • Assess cloud security findings in context, evaluating attack path reachability, lateral movement potential, effective permissions, and downstream impact on critical assets.
  • Use graph-based attack path analysis to identify toxic combinations and distinguish critical exposure paths from high-noise, low-impact misconfigurations.
  • Monitor zero-day and critical vulnerability exposure across cloud workloads, defining affected asset scope and prioritizing remediation based on risk.
  • Evaluate AI and LLM security risks such as exposed inference endpoints, overly permissive model access, insecure secrets handling, vector store exposure, unsafe plugin or tool integrations, and LLMOps pipeline weaknesses.
  • Drive remediation from finding identification through confirmed closure, partnering with developers, cloud architects, security architects, and platform engineering teams.
  • Translate complex technical issues into precise, actionable remediation guidance for different engineering and security audiences.
  • Strengthen shift-left security by embedding guardrails into CI/CD pipelines, improving infrastructure-as-code controls, and reducing recurring misconfigurations at source.
  • Build and improve automation, detection logic, saved queries, runbooks, and CNAPP policy inputs to reduce manual effort and improve signal quality.


What You'll Bring

  • 6-8 years in information security, with at least 6 years focused on cloud security operations or cloud infrastructure security.
  • Hands-on CNAPP experience across triage, posture reporting, and policy tuning.
  • Deep knowledge of AWS, Azure, or Google Cloud security controls.
  • Practical understanding of AI workload security, LLMOps pipelines, or inference endpoint risk.
  • Strong discernment across exploitability, blast radius, permissions, attack paths, and data exposure.
  • Experience driving remediation across engineering, platform, architecture, or AI enablement teams.
  • Python, Bash, or API integration experience supporting automation and operational scale.


Who You'll Work With

You will be part of BCG’s Security Operations team within Information Security and Risk Management, focused on Attack Surface Management. You will work closely with cloud engineering, platform engineering, security architecture, threat intelligence, and DevSecOps teams to identify, prioritize, and reduce cloud security risk across BCG’s global technology environment. The team operates in a highly collaborative, technically rigorous setting, with a shared focus on clear risk ownership, practical remediation, and continuous improvement.


Additional info

Preferred certifications are helpful but not required, including AWS Certified Security – Specialty, Microsoft Certified: Azure Security Engineer Associate, Google Professional Cloud Security Engineer, CCSP, or Certified Kubernetes Security Specialist.


Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in a manner consistent with applicable state and local laws.

Como aplicar?

Para se candidatar a este emprego, você precisa autorizar em nosso site. Se você ainda não possui uma conta, registre-se.