Job Description

WHAT YOU LL DO
The Enterprise Security Architecture Senior Director is responsible for driving thought leadership across Information Security and Enterprise Architecture, identifying scalable and relevant patterns, driving adoption, and leading a team of architects who engage with engineers working in multiple tech stacks. This role reports jointly to the Chief Architect and Chief Information Security Officer, interfaces closely with and influences first-line-of-defense technical product owners, portfolio leaders, security engineers, data scientists. This leader shines when the pressure is high, acting as a trusted advisor to the Chief Information Security Officer, Chief Architect, IT Leadership Team, Information Security Risk Management leadership, and the Chief Risk Officer.

The Enterprise Security Architecture Senior Director will drive the evolution of a strong library of architecture patterns whose adoption results in secure-by-design, performant, scalable, and highly available technical products. They will attract, grow, inspire, and retain a diverse, high-performing team of security architects.

YOU RE GOOD AT

• Leading teams through change, ambiguous situations, and competing priorities.
• Understanding the business, strategy, and marries strategy to relevant information security requirements, discerning between outputs and outcomes and bringing data-driven stories to key stakeholders.
• Driving adoption of security architecture patterns, and harmonization of those patterns with peers enterprise architects vision of BCG s future technology stack.
• Influencing Senior Directors and Executive Directors to mature and promoting industry-leading security architecture across the overall technology landscape.
• Sharing best practices in information security between the business units and the rest of the enterprise.
• Enriching risk management conversations with industry knowledge and actionable architecture analysis. Consulting with architects and product owners on likely threat scenarios and effective mitigation strategies.
• Strategically balancing team skillset with vendor capabilities to provide comprehensive,
• ever-maturing capabilities for solution architecture, technology stack performance.

YOU BRING (EXPERIENCE & QUALIFICATIONS)

• Bachelor s degree (or equivalent).
• Minimum of 12 years of information security risk management experience, with a strong background in enterprise architecture, secure software development practices, cloud & infrastructure security, security applications and technologies.
• Subject matter expert in cyber security practices that include the configuration and architecture of security tools and products, service-oriented architecture, machine learning and artificial intelligence, TOGAF, Domain-Driven Design, etc.
• Expert knowledge with cumulative hands-on experience across an array of technology platforms.
• Knowledge of the legal and regulatory landscape related to security and privacy in an international environment.
• Executive presence, ability to influence senior IT and Global Risk leaders.
• Knowledge of cyber security landscape in modern digital technologies, particularly in cloud Security, in technological, business and operational aspects.
• Ability to communicate (written and verbally) highly complex and technical concepts and information risk to technical and non-technical business audience to aid them in making informed risk decisions.
• Must have experience managing compliance efforts and experience with business risk management with the ability to communicate the balance between strong security and enabling business.
• Experience leading a global, cross-functional team.
• Ability to apply entrepreneurial and innovative mind-set and attitude to adapt to the speed and agility needed for evolving business demands.

YOU LL WORK WITH
A global team of information security professionals and business leaders. Interact daily with the world s most remarkable entrepreneurs, designers, engineers, architects, product experts and developers collaborating to create strategic advantage for the most important global companies. You will work in a fast-paced, intellectually intense, service-oriented environment to interpret rules and guidelines flexibly to enhance the business and in keeping with BCG s values and culture. You will be an integral part of the BCG Information Security Risk Management and Enterprise Architecture teams in delivering the security program for all of BCG.

Boston Consulting Group