Global IT Enterprise Security Architect - Expert Director - The Boston Consulting Group
Boston, MA
About the Job
We are seeking a strong candidate to fill the Global IT Enterprise Security Architect - Expert Director position as we work to build a Gen AI Assistant that will transform the way BCG works.
You will be working in a Security Engineering, Architecture, and Automation capacity across BCG’s
global organization to drive and support improvements based on new and emerging trends. The
successful candidate will be responsible for setting strategies for the future of BCG’s security,
with a focus on Gen AI products. As a Global IT Enterprise Security Architect, you will be
expected to design and develop solutions that meet the security needs of our company, while
ensuring that the solutions are scalable, efficient, and cost-effective
You will:
You will be working in a Security Engineering, Architecture, and Automation capacity across BCG’s
global organization to drive and support improvements based on new and emerging trends. The
successful candidate will be responsible for setting strategies for the future of BCG’s security,
with a focus on Gen AI products. As a Global IT Enterprise Security Architect, you will be
expected to design and develop solutions that meet the security needs of our company, while
ensuring that the solutions are scalable, efficient, and cost-effective
You will:
- Address security challenges related to Generative AI, including access and encryption for storage solutions like Vector DB and Graph DB.
- Work closely with Enterprise and Security Architecture teams to understand their security requirements and develop solutions that meet their needs
- Perform security design and application architecture reviews using risk assessment and threat modeling (e.g., STRIDE-LM) in enterprise environments.
- Develop and provide secure design patterns and secure coding advice across multiple languages and platforms, including APIs, hybrid multi-region cloud environments, and containers.
- Implement Secure Software Development Life Cycle (SDLC) and DevSecOps methodologies and tooling.
- Ensure compliance with regulations (e.g., GDPR, HIPAA) and industry standards (e.g., NIST SSDF, OWASP Top 10, SAMM, ASVS).
- Use vulnerability scanning tools and penetration testing methodologies to identify and mitigate application weaknesses.
- Implement and manage security technologies, such as Identity and Access Management (IAM) solutions and secrets management systems.
- Collaborate with solution architects and engineering teams to embed security recommendations at the architectural level.
- Manage projects, including technical planning, design requirements, vendor evaluations, and reporting.
- Adapt to dynamic environments with changing schedules and priorities.
- Conduct security reviews of network designs and implementations
- Work in Agile framework
- Prepare and review monthly status reports and statistics
Source : The Boston Consulting Group