Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead the design and evolution of BCG's security platforms across various domains.
- Company: Join Boston Consulting Group, a pioneer in business strategy since 1963, driving transformation globally.
- Benefits: Enjoy a hybrid work model with opportunities for travel and collaboration.
- Why this job: Be part of a dynamic team shaping security innovation while making a global impact.
- Qualifications: 10+ years in cybersecurity with leadership experience; expertise in IAM and cloud environments required.
- Other info: BCG values diversity and is an Equal Opportunity Employer.
The predicted salary is between 72000 - 108000 £ per year.
Locations: Canary Wharf | Atlanta | Boston
Who We Are
Boston Consulting Group partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. BCG was the pioneer in business strategy when it was founded in 1963. Today, we help clients with total transformation - inspiring complex change, enabling organizations to grow, building competitive advantage, and driving bottom-line impact. To succeed, organizations must blend digital and human capabilities. Our diverse, global teams bring deep industry and functional expertise and a range of perspectives to spark change. BCG delivers solutions through leading-edge management consulting along with technology and design, corporate and digital ventures - and business purpose. We work in a uniquely collaborative model across the firm and throughout all levels of the client organization, generating results that allow our clients to thrive.
What You'll Do
The Senior Director – Security Engineering Platform Lead is responsible for leading the design, delivery, and continuous evolution of BCG's security platforms across identity, device, and data protection domains. This role ensures end-to-end security engineering across all technology environments, including cloud, on-prem, and hybrid systems. The leader will drive strategic planning, execution, and operations of scalable, automated, and resilient security controls that protect BCG’s global operations and users, while enabling innovation and agility across BCG Core, BCG X, and CT worldwide. This role is also accountable for embedding security within DevSecOps practices, enforcing automation at scale, and applying Site Reliability Engineering (SRE) principles across all security services. The role requires strong partnership with ISRM, with a focus on balancing and prioritizing security requirements, automation opportunities, user experience needs, and broader business outcomes.
Key Responsibilities:
- Strategic Leadership & Transformation: Define and execute a unified security engineering strategy that addresses identity, endpoint, and data protection across all environments. Lead the design and implementation of scalable, automated security solutions that integrate seamlessly into enterprise platforms and user experiences. Establish a global security architecture and engineering roadmap focused on prevention, detection, and rapid response. Drive continuous improvement of security posture while aligning with business needs, regulatory requirements, and user experience expectations. Champion DevSecOps practices to embed security early into development and delivery workflows.
- Security Platform Engineering: Lead end-to-end engineering for identity and access management (IAM), including authentication, authorization, and privileged access controls. Oversee endpoint security architecture and enforcement, ensuring comprehensive coverage for threat detection, malware prevention, and device compliance. Build and operate scalable data protection solutions, including data loss prevention (DLP), secrets management, encryption, and classification. Integrate security controls into CI/CD pipelines, cloud-native services, and on-prem platforms to enforce security-by-design principles. Deliver security capabilities that support modern work scenarios, remote access, zero-trust networking, and AI/ML workloads. Leverage automation frameworks and IaC to improve scalability and reduce manual intervention.
- Operational Security, SRE & Assurance: Ensure security platforms are resilient, continuously monitored, and designed for 24x7 support and incident response readiness. Embed security telemetry and observability to enable proactive threat detection and automated response. Apply SRE principles to improve reliability, performance, and maintainability of security services. Lead platform health, patching automation, and vulnerability remediation workflows. Define service level objectives (SLOs) and key performance indicators (KPIs) for all security services.
- Compliance, Governance & Risk Management: Ensure alignment with global compliance requirements such as ISO 27001, NIST, SOC 2, GDPR, and others. Partner with governance, legal, and ISRM teams to implement enforceable policies and standards across identity, endpoint, and data domains. Operationalize policy enforcement through automated controls and continuous compliance checks. Lead risk mitigation efforts with technical solutions that scale across diverse user and system profiles.
- Financial & Vendor Management: Manage security platform budgets and investments with a focus on cost optimization and long-term value. Evaluate and manage third-party vendors and partners, ensuring they meet technical, contractual, and security expectations. Lead procurement and renewal cycles in alignment with operational and architectural strategies.
- Leadership & Talent Development: Build and mentor a global team of security engineers, fostering a high-performance, collaborative, and forward-thinking culture. Drive internal knowledge sharing and upskilling programs across security architecture, automation, and secure software engineering. Collaborate cross-functionally with platform, product, and enterprise architecture teams to embed security early and often.
What You'll Bring
Required Qualifications: 10+ years of experience in cybersecurity, security engineering, or platform security roles. 5+ years in a senior leadership position with accountability for enterprise-scale security platforms. Deep expertise in IAM, endpoint security, and data protection technologies, with proven ability to design and scale global solutions. Experience with security engineering in hybrid and cloud-native environments (AWS, Azure, GCP). Proven track record in automating security controls, implementing zero-trust models, and supporting 24x7 security operations. Strong understanding of compliance frameworks and risk management strategies.
Preferred Qualifications: Certifications such as CISSP, CCSP, CISM, AWS/Azure Security Specialty, or equivalent. Experience with tools like Okta, Azure AD, CrowdStrike, Tanium, Zscaler, Vault, and other modern security platforms. Familiarity with DevSecOps principles, Infrastructure as Code, and secure software development practices.
Work Environment & Additional Information:
Hybrid or on-site work model. Occasional travel may be required for business, vendor, or team engagement. Ability to operate in a fast-paced, complex environment, balancing long-term strategy with operational agility.
Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in a manner consistent with applicable state and local laws. BCG is an E-Verify Employer.
Global IT Security Platform Senior Director employer: The Boston Consulting Group GmbH
Contact Detail:
The Boston Consulting Group GmbH Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Global IT Security Platform Senior Director
✨Tip Number 1
Familiarise yourself with the latest trends in cybersecurity, especially around IAM, endpoint security, and data protection. Being well-versed in these areas will not only help you during interviews but also demonstrate your commitment to staying current in a rapidly evolving field.
✨Tip Number 2
Network with professionals in the cybersecurity space, particularly those who have experience in leadership roles. Attend industry conferences or webinars, and engage in discussions on platforms like LinkedIn to build connections that could provide insights or referrals.
✨Tip Number 3
Showcase your experience with automation and DevSecOps practices in your conversations. Highlight specific projects where you've successfully implemented security controls or improved processes, as this aligns closely with the responsibilities of the role.
✨Tip Number 4
Prepare to discuss how you would approach building and mentoring a team of security engineers. Think about your leadership style and how you can foster a collaborative culture, as this is a key aspect of the Senior Director role.
We think you need these skills to ace Global IT Security Platform Senior Director
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in cybersecurity, security engineering, and platform security roles. Emphasise your leadership experience and any specific technologies mentioned in the job description, such as IAM, endpoint security, and cloud environments.
Craft a Compelling Cover Letter: In your cover letter, explain why you are passionate about security engineering and how your background aligns with BCG's mission. Mention specific achievements that demonstrate your ability to lead security initiatives and drive transformation.
Highlight Relevant Certifications: If you have certifications like CISSP, CCSP, or AWS/Azure Security Specialty, make sure to include them prominently in your application. These qualifications can set you apart from other candidates.
Showcase Leadership Skills: Since this role requires strong leadership capabilities, provide examples of how you've built and mentored teams in the past. Discuss your approach to fostering a collaborative culture and driving internal knowledge sharing.
How to prepare for a job interview at The Boston Consulting Group GmbH
✨Understand the Role Deeply
Before the interview, make sure to thoroughly understand the responsibilities and expectations of the Global IT Security Platform Senior Director role. Familiarise yourself with BCG's security platforms, DevSecOps practices, and compliance frameworks mentioned in the job description.
✨Showcase Your Leadership Experience
As this position requires strong leadership skills, be prepared to discuss your previous experiences in leading teams and projects. Highlight specific examples where you successfully implemented security solutions or drove strategic initiatives in cybersecurity.
✨Demonstrate Technical Expertise
Be ready to discuss your technical knowledge in areas such as IAM, endpoint security, and data protection technologies. Prepare to explain how you've applied these technologies in hybrid and cloud environments, and share any relevant certifications you hold.
✨Prepare for Scenario-Based Questions
Expect scenario-based questions that assess your problem-solving abilities and decision-making skills in real-world situations. Think about challenges you've faced in previous roles and how you overcame them, particularly in relation to security operations and risk management.
