Job Title

Locations : Atlanta | LondonThe following information aims to provide potential candidates with a better understanding of the requirements for this role.Who We AreBoston Consulting Group partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. BCG was the pioneer in business strategy when it was founded in 1963. Today, we help clients with total transformation-inspiring complex change, enabling organizations to grow, building competitive advantage, and driving bottom-line impact.To succeed, organizations must blend digital and human capabilities. Our diverse, global teams bring deep industry and functional expertise and a range of perspectives to spark change. BCG delivers solutions through leading-edge management consulting along with technology and design, corporate and digital venturesand business purpose. We work in a uniquely collaborative model across the firm and throughout all levels of the client organization, generating results that allow our clients to thrive.What You'll DoThis role focuses on designing, implementing, and tracking cloud security enhancements with a specialization in Secrets Management across multi-cloud and SaaS environments. You will influence engineering decisions to drive secure and successful business outcomes while collaborating with internal teams to protect enterprise information. Key responsibilities include defining and implementing identity, access, and security requirements; planning, testing, and supporting secure systems; and serving as a Subject Matter Expert on IT projects. Additionally, you will develop and maintain security standards, policies, and procedures, while mentoring team members to foster a strong security culture. This position requires a strategic and hands-on approach to strengthen BCGs cloud security posture. YOU'RE GOOD AT Interacting with stakeholders and possessing the ability to influence direction, articulate risks and advocate for solutions and roadmaps. Managing backlog and roadmap of secrets management items to be completed. Managing end to end delivery of projects with hands on involvement in the development and configuration of products around secrets management and machine authentication. Determining requirements by evaluating business strategies and requirements, implementing information security standards, conducting system and vulnerability analyses and risk assessments, recommending secure architecture aligned to business architecture, and identifying/driving remediation of integration issues. Providing expert knowledge of solution/application architecture for identity related capabilities as well as methodologies in the software development life cycle. Maintaining security data and identity principles by ensuring compliance to standards, policies, regulatory requirements, and good industry practices are achieved. Self-managing progress and status of tasks and deliverables on projects and escalating issues and risks timely. Completing market assessments on vendor products, packages, and services; guiding tests and implementation of products solving enterprise information security requirements. Suggesting and implementing alternative mitigations/compensating controls to allow for business to continue while protecting BCG's assets. Partnering with cross functional teams to ensure compliance to industry and company standards including ISO 27001, SOC2, NIST, GDPR, and DPO standards. Updating job knowledge by tracking and understanding emerging practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations. Vendor escalations and Major Incident Management support for business-critical services. Able to provide L3 operational support for Secrets Management tooling and oversight of L1/L2 ops issues. Create and track health, security and adoption metrics.What You'll Bring Must Haves: Ability to drive adoption of secrets management best practices, primarily using HashiCorp Vault 3+ years experience of secrets management through large scale implementations distributed globally Experience managing cloud native secrets management solutions such as Azure Key Vault, Google Secrets Manager and AWS Secrets Manager. Experience with Cloud Security Posture Management (CSPM)across the cloud platforms including AWS, Azure, and GCP Tier 3 support experience for service outage and mission-critical application support Experience with app registrations and service principals in Azure AD Experience documenting complex architectures Experience with GitHub, (or similar tools including Chef or Puppet), Continuous Integration/Continuous Deployment (CI/CD) Knowledge and experience with automating solutions using one or more languages (i.e., Python, PowerShell, Terraform, or similar) Nice Haves: Bachelors degree (or equivalent related experience) 7+ years experience working with AWS, GCP, Azure, or Alibaba cloud Understanding of API concepts and RESTful services Understanding of cloud security, zero trust, risk-based authentication, and multi-factor authentication (MFA) solutions Hands-on/direct experience integrating web, single-page, native applications through API endpoints, API services for machine-to-machine authentication Related certifications (e.g. Security Plus, CISSP, CCSP, ITIL Foundations, CE+, etc) Experience working in Agile, knowledge of Jira, Jira Align, Miro, and related tools and principals Experience as a change management practitioner using industry best practices and ServiceNow tooling and workflowsBoston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in a manner consistent with applicable state and local laws. BCG is an E - Verify Employer. (Click here )(https://careers.bcg.com/global/en/e-verify) for more information on E-Verify.