Skip to main contentA logo with &quat;the muse&quat; in dark blue text.

Information Security Risk Manager

AT Boston Consulting Group (BCG)
Boston Consulting Group (BCG)

Information Security Risk Manager

London, United Kingdom

WHAT YOU'LL DO
As the Information Security Risk Manager at BCG, you will be a key player in our efforts to protect digital assets and manage cybersecurity risks. This pivotal role involves overseeing the risk management framework, maintaining the risk register, and managing the overall risk operations within the organization. Your strategic and operational expertise will ensure that information security risks are identified, assessed, and mitigated effectively. You will be part of the ISRM Strategy & Governance team, contributing to the strategic direction and governance of the information security program. This includes executing risk assessment methodologies, participating in security awareness programs, and ensuring comprehensive metrics and reports including key performance and risk indicators are appropriately maintained.

Want more jobs like this?

Get Project Management jobs in London, United Kingdom delivered to your inbox every week.

By signing up, you agree to our Terms of Service & Privacy Policy.

YOU'RE GOOD AT

Information Security: You should demonstrate a deep and comprehensive understanding of information security risk principles including threat, vulnerability, risk, and controls.
Practical application of risk management should be your fundamental competency.
Risk Management: You excel in developing, maintaining, and continuously updating a comprehensive risk register that tracks all known information security risks, their potential impacts, and mitigation strategies.
Operational Leadership: You are adept at leading the day-to-day operations of identifying, evaluating, and mitigating risks, ensuring alignment with internal policies and external regulations.
Strategic Planning: You have a strong capability in crafting strategic risk management plans that are in harmony with the organization's objectives and security standards, and coordinating these efforts across various company levels.
Stakeholder Engagement: You are proficient in communicating risk-related issues and strategies to stakeholders, including executive leadership and external partners, providing clear and concise reports and presentations.

YOU BRING (EXPERIENCE & QUALIFICATIONS)

Experience and Skills: 7+ years in a Global Information Security function, preferably within high-stakes or rapidly changing industries, driving Information Security Strategy and Governance. Candidate should be driving Information Security Strategy and Governance with a deep and broad understanding of information security principles including threat, vulnerability, risk, and controls, specifically around policies, security practices, and risk management methodologies.
Technologies: Advanced proficiency with AuditBoard is preferred. Experience with other key cybersecurity technologies such as SIEM, firewall management, and intrusion detection systems is highly regarded.
Education: Bachelor's degree in computer science, information security, or a related field; a graduate degree is a plus.
Competencies: Candidates must exhibit technical and functional expertise in IT and security, including advanced project management skills and proficiency in leading cross-functional teams. Excellent interpersonal skills, such as motivational capabilities and organizational effectiveness, are crucial. Must possess outstanding problem-solving and analytical capabilities, with a proven track record of innovative solutions in past roles.
Communication Skills: Excellent oral and written communication skills in English. Ability to work independently, follow a disciplined approach, and have an analytical mindset with a desire to learn and work bi-modally.
International Experience: Experience in working in a global, multi-national organization. Additional experience with global security operations and understanding the complexities of multi-regional compliance and data protection laws are essential.
* Certifications: Certifications like CISSP, CISM, CRISC are definitely a plus

YOU'LL WORK WITH
As part of the Global Risk team - Information Security Risk Managment you will work with people around the global, mostly with the functions IT, Enterprise Risk Management, Assurance and Advisory, Information Security and Lega.l

Client-provided location(s): London, UK
Job ID: Boston_Consulting_Group-23193BR
Employment Type: Other

Perks and Benefits

  • Health and Wellness

    • On-Site Gym
    • Health Insurance
    • Dental Insurance
    • Vision Insurance
    • Life Insurance
    • Short-Term Disability
    • Long-Term Disability
    • FSA
    • Fitness Subsidies
    • Mental Health Benefits
    • Virtual Fitness Classes
    • FSA With Employer Contribution
  • Parental Benefits

    • Fertility Benefits
    • Adoption Assistance Program
    • Family Support Resources
    • Birth Parent or Maternity Leave
    • Non-Birth Parent or Paternity Leave
    • Adoption Leave
  • Work Flexibility

    • Flexible Work Hours
    • Remote Work Opportunities
    • Hybrid Work Opportunities
    • Four-Day Work Week
  • Office Life and Perks

    • On-Site Cafeteria
    • Commuter Benefits Program
    • Casual Dress
    • Happy Hours
    • Snacks
    • Some Meals Provided
    • Company Outings
    • Holiday Events
  • Vacation and Time Off

    • Sabbatical
    • Paid Vacation
    • Paid Holidays
    • Personal/Sick Days
    • Leave of Absence
    • Volunteer Time Off
  • Financial and Retirement

    • Relocation Assistance
    • Financial Counseling
    • 401(K)
    • Performance Bonus
    • Profit Sharing
    • Company Equity
  • Professional Development

    • Internship Program
    • Work Visa Sponsorship
    • Learning and Development Stipend
    • Tuition Reimbursement
    • Promote From Within
    • Mentor Program
    • Access to Online Courses
    • Lunch and Learns
    • Leadership Training Program
    • Associate or Rotational Training Program
    • Shadowing Opportunities
  • Diversity and Inclusion

    • Diversity, Equity, and Inclusion Program
    • Employee Resource Groups (ERG)