The Information Security Analyst is responsible for the execution of BCG Omnia’s product and cloud infrastructure security program in alignment with Information Security & Risk Management standards and best practices for Software as a Service (SaaS).
Working with a myriad of product, engineering, and cloud infrastructure management teams to implement and manage security in a SaaS environment. The Information Security Analyst will:
- Understand business and cloud security requirements of engineering, product, and cloud infrastructure delivery teams.
- Work collaboratively with engineering, product, and cloud infrastructure teams to lead effective process improvements and improve overall security effectiveness.
- Serve as technical systems security subject matter expert providing guidance and recommendations.
- Monitor security advisories that impact security, risk, and compliance requirements.
- Review vulnerability assessment results, prioritize, and assist in remediation efforts.
- Support the implementation and management of operational security controls.
- Support security incident response process, work with subject matter experts, recommend corrective actions, and respond to investigations requiring technical security analysis.
- Updates job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.
Basic Job Requirements
Education & Experience:
- 5+ years in information security, compliance, audit and risk management.
- 5+ years in information technology environments including SaaS.
- Knowledge of Linux and Windows based system administration.
- End-to-end security including web, application, network, and database.
- Experience with security analytics and analysis, logging, and reporting.
- Managing identity access, threat and vulnerability detection.
- Familiarity with audit, risk mitigation, and IT controls such as separation of duties.
- Security certification such as CISM or CISSP.
- Knowledge of industry standards and frameworks such as SOC2, ISO 27001, and CSA CCM.
The Boston Consulting Group (BCG) is a global management consulting firm and the world’s leading advisor on business strategy. We partner with clients from the private, public, and not-for-profit sectors in all regions to identify their highest-value opportunities, address their most critical challenges, and transform their enterprises. Our customized approach combines deep insight into the dynamics of companies and markets with close collaboration at all levels of the client organization. This ensures that our clients achieve sustainable competitive advantage, build more capable organizations, and secure lasting results. Founded in 1963, BCG is a private company with offices in more than 90 cities in 50 countries. For more information, please visit bcg.com.
The Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under federal, state or local law, where applicable, and those with criminal histories will be considered in a manner consistent with applicable state and local laws. In addition, as a federal government contractor, BCG maintains an affirmative action program which furthers its commitment and complies with recordkeeping and reporting requirements under certain federal civil rights laws and regulations.BCG is an E-Verify Employer.Click here for more information on E-Verify. VEVRAA Federal Contractor
More Jobs From