Information Security Specialist Job at Boston Consulting Group, Boston, MA

  • Boston Consulting Group
  • Boston, MA

Job Description

WHAT YOU'LL DO
The right candidate is responsible for managing security compliance for BCG’s software and data offerings in alignment with AICPA’s SOC 1 and SOC 2 frameworks and ISO 27001 standards. The right candidate must be able to demonstrate an understanding of the fundamental security compliance frameworks, understand security and compliance audit processes, and be able to collaborate with the team. The candidate must be a proactive team player and be able to communicate information and explanations to guide solutions. Additionally, the candidate must demonstrate strong customer service to a set of internal stakeholders and develop positive and collaborative relationships within their own area.

The successful candidate possesses excellent interpersonal and communication skills, both written and oral, required to partner with team members and stakeholders across the business to identify compliance gaps, issues and risks.
The role will report to the head of Governance & Risk Management for BCG X and sit within BCG’s Information Security team.

YOU'RE GOOD AT


  • Understanding cybersecurity compliance frameworks - SOC 1, SOC 2, ISO 27k.

  • Having a risk mindset and an eye for detail, and applying critical thinking.

  • Working with auditors, audit request lists and taking ownership of gathering security audit evidence.

  • Coordinating audits and conducting reviews of deliverables to verify compliance with internal policies and industry best practices.

  • Being thorough, with an eye for detail, to ensure completeness of audit and compliance requests.

  • Ensuring clear and expedient escalations with informed recommendations to management.

  • Being a team player and working to achieve a common goal in a dynamic setting.

  • Identifying and leveraging lessons learned and best practices from audits, fostering a culture of continuous improvement within BCG.

YOU BRING (EXPERIENCE & QUALIFICATIONS)


  • Broad working knowledge in key areas of security compliance frameworks (SOC 1, SOC 2, HITRUST, ISO 27k).

  • Minimum of 2 years’ experience working with security compliance audits.

  • A minimum bachelor’s degree in any discipline. Computer science, cyber security and risk or technology degrees preferred.

  • Fluent in English (verbal and written); strong communication.

  • Flexibility in scheduling, capable and willing to attend conference calls outside of regular working hours to accommodate the geographical requirements and time zones of our stakeholders, and team members.

  • Strong work management and work ethic required.

  • Ability to work successfully within a cohesive and matrixed team environment.

  • Superior interpersonal and communication skills; projects confidence and trust.

YOU'LL WORK WITH


The role will report to the head of Governance & Risk Management for BCG X and sit within BCG’s Information Security risk management team, working closely with product and engineering, security and IT teams.
