WHAT YOU'LL DO

　　The DFIR & CTI Senior Director is responsible for leading and driving BCG's cyber attack detection and response efforts, overseeing growth and maturity of digital forensics, incident response, threat hunting, investigations into information security incidents, purple teaming, and cyber threat intelligence gathering. This role interfaces closely with and influences first-line-of-defense technical product owners, portfolio leaders, security engineers, security solution architects, and red team leaders. This leader shines when the pressure is high, when BCG is targeted by sophisticated threat actors, as a trusted advisor to the Chief Information Security Officer and Chief Risk Officer.

　　The DFIR & CTI Senior Director will drive the evolution of both proactive and reactive detection and investigation capabilities. They will drive strategy and improvements in enterprise information security risk management across the various branches of BCG's ability to detect and contain cyber attacks in progress. They will attract, retain, and grow a high-performing, diverse, talented team of cyber security engineers.

　　YOU'RE GOOD AT

　　Leading teams through change, ambiguous situations, and competing priorities.

　　Understanding the business, strategy, and information security requirements, discerning between outputs and outcomes and bringing data-driven stories to key stakeholders; implementing information security standards, overseeing incident response and threat hunts, driving improvement in threat actor detection capabilities.

　　Co-leading continuous purple teaming, attack simulations, and cyber threat tabletop exercises with ISRM leadership team peers.

　　Working closely with IT, HR and legal teams to execute and continuously improve incident investigations.

　　Influencing Senior Directors and Executive Directors to mature and promote industry-leading detection capabilities across the overall technology landscape.

　　Sharing best practices in information security between the business units and the rest of the enterprise.

　　Synthesizing industry knowledge and external threat intelligence into actionable business communication. Consulting with architects and product owners on likely threat scenarios based on real-world experience.

　　Driving consumption of tech telemetry and reconstruction of attacks executed and in progress.

　　Strategically balancing team skillset with vendor capabilities to provide comprehensive, ever-maturing capabilities for detection, incident handling, digital forensics, threat hunting, purple teaming, and threat intelligence consumption.

　　YOU BRING (EXPERIENCE & QUALIFICATIONS)

　　Bachelor's degree (or equivalent).

　　Minimum of 12 years of information security risk management experience, with a strong background in cloud infrastructure, network security, malware and ransomware, security applications and technologies.

　　Subject matter expert in cyber security practices that include the configuration and architecture of security tools and products, machine learning and security operations center operation, threat intelligence feeds (STIX/TAXII), security incident event management (SIEM), digital forensics tools (e.g. Encase, FTK, Wireshark, etc.), and other tools of the trade.

　　Expert knowledge with hands-on experience across multiple security platforms.

　　Knowledge of the legal and regulatory landscape related to security and privacy in an international environment.

　　Executive presence, ability to influence senior IT and Global Risk leaders.

　　Knowledge of cyber security landscape in modern digital technologies, particularly in cloud Security, in technological, business and operational aspects.

　　Ability to communicate (written and verbally) highly complex and technical concepts and information risk to technical and non-technical business audience to aid them in making informed risk decisions.

　　Experience leading a global, cross-functional team.

　　* Ability to apply entrepreneurial and innovative mindset and attitude to adapt to the speed and agility needed for evolving business demands.

　　YOU'LL WORK WITH

　　A global team of information security professionals and business leaders. Interact daily with the world's most remarkable entrepreneurs, designers, engineers, architects, product experts and developers collaborating to create strategic advantage for the most important global companies. You will work in a fast-paced, intellectually intense, service-oriented environment to interpret rules and guidelines flexibly to enhance the business and in keeping with BCG's values and culture. You will be an integral part of the BCG Information Security Risk Management team in delivering the security program for all of BCG.