Info Security Advisor
Company: Boston Consulting Group
Location: Boston
Posted on: September 2, 2024
Job Description:
WHAT YOU'LL DO
The right candidate is responsible for managing security compliance
for BCG's software and data offerings in alignment with AICPA's SOC
1 and SOC 2 framework and ISO 27001 standards. The right candidate
must be able to demonstrate understanding of the fundamental
security compliance frameworks, understand security and compliance
audit processes and be able to collaborate with the team. The
candidate must be a proactive team player and be able to communicate
information and explanations to guide solutions. Additionally, the
candidate must demonstrate strong customer service to a set of
internal stakeholders and develop positive and collaborative
relationships within their own area.
The successful candidate possesses excellent interpersonal and
communication skills, both written and oral, required to partner
with team members and stakeholders across the business to identify
compliance gaps, issues and risks.
The role will report to the head of Governance & Risk Management
for BCG X and sit within BCG's Information Security team.
YOU'RE GOOD AT
- Understanding cybersecurity compliance frameworks - SOC 1, SOC 2,
ISO 27k.
- Having a risk mindset and an eye for detail, and applying critical
thinking.
- Working with auditors, audit request lists and taking ownership
of gathering security audit evidence.
- Coordinating audits and conducting reviews of deliverables to
verify compliance with internal policies and industry best
practices.
- Thorough with an eye for detail to ensure completeness of audit
and compliance requests.
- Ensuring clear and expedient escalations with informed
recommendations to management.
- Being a team player and working to achieve a common goal in a
dynamic setting.
- Identifying and leveraging lessons learned and best practices from
audits, fostering a culture of continuous improvement within
BCG.
YOU BRING (EXPERIENCE & QUALIFICATIONS)
- Broad working knowledge in key areas of security compliance
frameworks (SOC 1, SOC 2, HITRUST, ISO 27k).
- Minimum of 2 years' experience working with security compliance
audits.
- A minimum bachelor's degree in any discipline. Computer science,
cyber security and risk or technology degrees preferred.
- Fluent in English (verbal and written); strong communication.
- Flexibility in scheduling, capable and willing to attend
conference calls outside of regular working hours to accommodate
the geographical requirements and time zones of our stakeholders
and team members.
- Strong work management and work ethic required.
- Ability to work successfully within a cohesive and matrixed team
environment.
- Superior interpersonal and communication skills; projects
confidence and trust.
YOU'LL WORK WITH
The role will report to the head of Governance & Risk Management
for BCG X and sit within BCG's Information Security risk management
team, working closely with product and engineering, security and IT
teams.
Keywords: Boston Consulting Group, Boston, Info Security Advisor, Other, Boston, Massachusetts