Job Description
WHAT YOU'LL DO
We are seeking a strong candidate to fill the Global IT Enterprise Security Architect - Expert Director position as we work to build a Gen AI Assistant that will transform the way BCG works.
You will be working in a Security Engineering, Architecture, and Automation capacity across BCG’s
global organization to drive and support improvements based on new and emerging trends. The
successful candidate will be responsible for setting strategies for the future of BCG’s security,
with a focus on Gen AI products. As a Global IT Enterprise Security Architect, you will be
expected to design and develop solutions that meet the security needs of our company, while
ensuring that the solutions are scalable, efficient, and cost-effective
You will:
- Address security challenges related to Generative AI, including access and encryption for storage solutions like Vector DB and Graph DB.
- Work closely with Enterprise and Security Architecture teams to understand their security requirements and develop solutions that meet their needs
- Perform security design and application architecture reviews using risk assessment and threat modeling (e.g., STRIDE-LM) in enterprise environments.
- Develop and provide secure design patterns and secure coding advice across multiple languages and platforms, including APIs, hybrid multi-region cloud environments, and containers.
- Implement Secure Software Development Life Cycle (SDLC) and DevSecOps methodologies and tooling.
- Ensure compliance with regulations (e.g., GDPR, HIPAA) and industry standards (e.g., NIST SSDF, OWASP Top 10, SAMM, ASVS).
- Use vulnerability scanning tools and penetration testing methodologies to identify and mitigate application weaknesses.
- Implement and manage security technologies, such as Identity and Access Management (IAM) solutions and secrets management systems.
- Collaborate with solution architects and engineering teams to embed security recommendations at the architectural level.
- Manage projects, including technical planning, design requirements, vendor evaluations, and reporting.
- Adapt to dynamic environments with changing schedules and priorities.
- Conduct security reviews of network designs and implementations
- Work in Agile framework
- Prepare and review monthly status reports and statistics
YOU'RE GOOD AT
- Securing global networks and compute environments with state-of-the-art security technology including Next-Gen Firewalls, Cloud Native Firewalls, IPS, DDOS, ACLs, and other hardware preferably with automation tools and practices to ensure consistency and repeatability
- Engineering and implementation of Zero Trust remote access solutions and other 3rd Party connectivity solutions
- Maintaining knowledge base and 'as built' documentation for all network security services
- Changing and maintaining connectivity for Cloud Computing environments
- Successfully interfacing and connecting with skilled technologists and non-technical stakeholders
- Working in an Agile environment leveraging strong work management, organizational and planning skills
- Negotiating and consensus building between stakeholders where competing priorities exist, providing well-honed influencing skills
- Effectively handling difficult and stressful situations with poise, tact and patience, while demonstrating a sense of urgency
YOU BRING (EXPERIENCE & QUALIFICATIONS)
- BA degree in computer science, Cybersecurity, or similar field preferred
- 10+ years design/implementation/consulting experience of distributed applications and security/compliance related work
- 5+ years of software development and AI/ML or related technology domain
- 10+ years of security/compliance related work
- Minimum 7+ years of network security engineering experience with large scale implementations distributed globally
- Proven experience in network and Cloud security architecture, design and best practices to support a globally distributed environment across multiple platforms such as AWS, Azure, and GCP
- Experience addressing security challenges in multi-tenant data pipelines
- Experience with Cloud Native technologies, such as Kubernetes, Docker, and Terraform
- Strong understanding of networking protocols, including TCP/IP, and DNS
- Experience with NextGen and Cloud Native Firewalls, and intrusion detection/prevention systems
- Excellent communication and collaboration skills
- Ability to work in a fast-paced environment and manage multiple projects simultaneously
- Strong organizational, written communication, problem-solving, and analytical skills
- Expertise in cloud security for platforms like AWS, Azure, and Google Cloud.
- Knowledge of encryption technologies and their implementation.
- Ability to conduct thorough security risk assessments and develop mitigation strategies.
- Experience with IAM, including SSO, access control, and user provisioning.
- Familiarity with vulnerability scanning tools and interpreting results.
- CISSP and other security certifications preferred
YOU'LL WORK WITH
You will be part of a global team located across Europe, Asia, and the Americas, working in a highly
collaborative environment with like-minded colleagues. If you are a passionate Global IT Enterprise Security Architect with experience in cloud security and a desire to innovate and lead the way in AI security, then we encourage you to apply for this exciting opportunity
Job Tags
Remote job,