WHAT YOU'LL DO
The right candidate is responsible for managing security compliance for BCG’s software and data offerings in alignment with AICPA’s SOC 1 and SOC 2 framework and ISO 27001 standards.
The right candidate must be able to demonstrate understanding of the fundamental security compliance frameworks, understand security and compliance audit processes and be able to collaborate with the team.
The candidate must be a proactive team player, be able to communicate information and explanation to guide solutions. Additionally, the candidate must demonstrate strong customer service to set of internal stakeholders and develop positive and collaborative relationships within own area.
The successful candidate possesses excellent interpersonal and communication skills, both written and oral, required to partner with team members and stakeholders across the business to identify compliance gaps, issues and risks.
The role will report to the head of Governance & Risk Management for BCG X and sit within BCG’s information Security team.
YOU'RE GOOD AT
Understanding cybersecurity compliance frameworks - SOC 1, SOC 2, ISO 27k.
Have a risk mindset, eye for detail, and can apply critical thinking.
Working with auditors, audit request lists and taking ownership of gathering security audit evidence.
Coordinating audits and conducting reviews of deliverable to verify compliance with internal policies and industry best practices.
Thorough with an eye for detail to ensure completeness of audit and compliance requests.
Ensuring clear and expedient escalations with informed recommendations to management.
Being a team player and working to achieve common goal in a dynamic setting.
Identify and leverage lessons learned and best practices from audits, fostering the culture of continuous improvement within BCG.
YOU BRING (EXPERIENCE & QUALIFICATIONS)
Broad working knowledge in key areas of security compliance frameworks (SOC 1, SOC 2, HITRUST, ISO 27k).
Minimum of 2 years’ experience working with security compliance audits.
A minimum bachelor’s degree in any discipline. Computer science, cyber security and risk or technology degrees preferred.
Fluent in English (verbal and written) Strong communication.
Flexibility in scheduling, capable and willing to attend conference calls outside of regular working hours to accommodate the geographical requirements and time zones of our stakeholders, and team members.
Flexibility in scheduling, capable and willing to attend conference calls outside of regular working hours to accommodate the geographical requirements and time zones of our stakeholders, and team members.
Strong work management, and work ethics required.
Ability to work successfully within a cohesive and matrixed team environment.
Superior interpersonal and communication skills; projects confidence and trust.
YOU'LL WORK WITH
The role will report to the head of Governance & Risk Management for BCG X and sit within BCG’s information Security risk management team, working closely with product and engineering, security and IT teams.
Information Security Specialist
The role will report to the head of Governance & Risk Management for BCG X and sit within BCG’s information Security risk management team, working closely with product and engineering, security and IT teams. The right candidate must be able to demonstrate understanding of the fundamental security co...
Senior Systems Engineer - System Security Engineer (Anti-Tamper / Cyber Security) - P3
Experience in the fields of System Security Engineering, computer technology reverse engineering, Anti Tamper, cybersecurity, or embedded security. Advanced Degree in Electrical Engineering, Systems Engineering, Mechanical Engineering, Engineering Mechanics, Computer Science, Engineering Science, Bu...
Information Security Specialist
The right candidate must be able to demonstrate understanding of the fundamental security compliance frameworks, understand security and compliance audit processes and be able to collaborate with the team. The role will report to the head of Governance & Risk Management for BCG X and sit within BCG’...
Research and Documentation Analyst - Security Clearance Required
Research and Documentation Analyst. Research and Documentation Analyst. Research and Documentation Analyst. ...
Administrative and Technical Support Specialist - Security Clearance Required
Administrative and Technical Support Specialist. ...
IT Digital Delivery Specialist
Coordinates system upgrades with all stakeholders (Business line, IT Ops, IT Support, IT Security, Vendor). Needham Bank offers a competitive salary and an amazing benefit package for a full-time employee which includes fully paid medical and dental insurance, HRA, 401(k) plan with an 8% bank match,...
Security Officer
As a Security Officer you will assist with ensuring the safety and secure operation of both the DXL corporate offices and the distribution center. Using your experience working as a security officer, you will play a key role in supporting DXL's mission by:. ...
It Lims Product Build And Support Specialist
Must be a team player with integrity and concern for the quality of company products, services and staff members. IT LIMS Product Build & Support Specialist**. The IT LIMS Support Specialist will build, update, and test new product builds for the Boston Analytical Laboratory Information Management S...
Information Security Engineer
Manage access control for non-Information Security projects. Strong technical knowledge in at least one domain of information security (e. Knowledge of operating system administration, network security, and application security. Evaluate, design, and deploy security solutions to meet client needs. ...
Trade Compliance Analyst
As a Trade Compliance Analyst, you will play a key role in ensuring our company's compliance with global customs authorities and facilitating day-to-day trade compliance activities. Are you an enthusiastic professional looking to expand your experience or start a career in Trade and Compliance? Rand...