WHAT YOU'LL DO

The IT Cyber Security Senior Analyst works with various teams inside BCG (Information Management Team, Global Functions and IT) and with vendors, suppliers, and partners to support the SOC’s mission of preventing, detecting, and responding to cyber threats.

The IT Cyber Security Senior Analyst is an experienced position within the CSIRT and has a thorough understanding of the incident response domain, including triage and escalation. This is an analyst who can work simultaneously on multiple security incidents and security-related problems. The IT Cyber Security Senior Analyst interacts closely with BCG’s SIEM and MSSP to detect and understand the current threats against BCG’s network, and provides Tier 3 incident response support. These tasks ensure that all cyber security incidents are assessed and communicated to relevant stakeholders in a timely manner.

This includes, but is not limited to:

- Interacting closely with BCG’s MSSP to identify, assess, and communicate cyber events in a timely manner
- Responding to security event alerts from multiple sources
- Quickly, efficiently, and accurately triaging and escalating cyber events to senior team members
- Maintaining industry knowledge of SIEM and threat intelligence and its interactions with other technologies, such as Active Directory, Log Management, Ticketing, Information Management, Cloud Services, Devices, etc.
- Collecting, monitoring, and analyzing log data produced by BCG's systems
- Reviewing and preparing monthly status reports and statistics
- Following up on incidents, issues, and concerns related to security events and data loss
- Providing backup to other BCG Security Architects to audit, monitor and report on the various components of BCG IT security
- Balancing cost, risk, security, user convenience, and business requirements in all aspects of work

JOB RESPONSIBILITIES:

Under the general direction of the Information Security Manager or delegate and working with other IT, BST, etc. throughout the firm, the role will perform the following functions:

- Participate as an integral part of the Security Team and IT in general
- Work closely with CSIRT team people & technology to detect, assess, and communicate cyber threats
- Update the Security Team and other groups on industry trends and recommend initiatives to help lower risk
- Define SIEM use cases to collect, monitor and analyze data to discover and discern trends, threats, and security risks associated with BCG assets and information
- Recommend and create SIEM rules to protect BCG and BCG client confidential information
- Proactively monitor and analyze logs via the SIEM for indicators of attack
- Mentor more junior team members
- With the Information Management team, follow up on incidents, issues, and concerns related to data loss
- Manage incidents related to data loss, producing alerts and escalating issues to appropriate management
- Provide SIEM solutions and support for specific case team and/or project needs and requirements
- Develop and produce operational metrics that demonstrate the effectiveness of controls, quantify security risks and issues, confirm service levels, and track incident type and volume
- Apply industry and BCG security knowledge, policy, standards, and practices to incident response
- Respond to inquiries related to data loss and inappropriate sharing
- Develop standard materials in support of BCG Information Security
- Respond to, and to the extent possible, accommodate special requests and requirements
- Track and report on security issues
- All other tasks and responsibilities as requested by manager
- Maintain up-to-date knowledge of the cyber security industry as it relates to BCG, including:
  - Attacker methods and TTPs
  - Standards, regulations and legislation
  - Threats and vulnerabilities
  - Technologies and solutions
  - Industry best practices
  - Client requirements and concerns
- Provide input and represent BCG and client interests in the areas of:
  - Incident response and investigation
  - Incident response management for client security incidents
- Work with IT Directors, Managers, Architects and staff to implement, monitor and maintain Confidentiality, Availability and Integrity of BCG information assets
- Track and manage materials provided to external providers and clients
- Maintain information security credentials and certifications as required to present a credible presence to internal and external audiences

YOU'RE GOOD AT

Technical and functional expertise

- Requires an advanced level of professional knowledge in information technology and security developed through a combination of advanced degrees in information technology and hands-on experience
- Must have previous career development experience which has provided management skills, motivational skills, interpersonal skills, and outstanding organizational effectiveness
- Knowledge of the legal and regulatory landscape related to security and privacy in an international environment
- Very strong business sense with ability to relate technology issues to business

Problem solving, analytical skills and decision making

- Requires strong analytical skills and abilities including an extensive knowledge of software, database, operating systems, client server architecture and voice and data communication services and facilities, security and privacy, in an international setting
- Collect, review, and analyze various metrics, which help to measure and monitor systems, departmental performance, and quality. Discern and analyze trends.
- Review and prepare monthly status reports and statistics
- Manage group and project budgets

Communication, interpersonal and teaming skills

- Outstanding verbal and written communication skills are a must because of the requirement to represent BCG in communications with clients
- Calm demeanor, grace under fire, outstanding listening skills

Leadership, impact and change

- High level of initiative and self-motivation, resourceful, and patient with an iterative process
- Ability to gain trust and commitment of others at different levels of the organization
- Proven ability to challenge the traditional way of operating and move beyond the obvious
- Translates BCG’s broader strategic objectives and cascades these into own work plans, metrics and team work plans
- Works effectively with significant ambiguity and fluctuating priorities and constraints

Work management, organization and planning

- Ability to evaluate and prepare detailed project plans for technology projects that will be implemented across the business. Manage local and global technology problems and direct staff in resolution of such problems. Evaluate and advise on the technology and systems components associated with projects adopted by BCG corporate and offices.
- Ability to monitor projects and direct staff to ensure projects are aligned with the strategic objectives of the business

Customer and business focus

- Focuses on the most critical issues that have the highest impact on the organization and business needs
- Working mode: “enabling”, “value adding” and “expanding”
- Treats all others with respect; generates trust

People management

- This position requires interaction with BCG Partners, BCG Case Team staff, client legal and security staff, Administrative Management, vendors, IT Management and Staff, Legal Department, Finance, etc. Very strong relationship skills are essential.
- Excellent leadership and teaming skills are required

Values and ethics

- Strong sense of confidentiality and integrity
- Treats others with respect and generates trust
- Establishes relationships based on respect, trust and integrity

YOU BRING (EXPERIENCE & QUALIFICATIONS)

- Bachelor’s degree (or equivalent)
- Minimum of 3 to 5 years of information security experience, with a very strong technical background
- Significant information security and risk management experience in a multinational enterprise
- Demonstrated Threat Hunting and Incident Response experience (from a Consultancy or SOC environment)
- Experience with Security Information and Event Management (SIEM) monitoring tools and their use (Splunk, ArcSight, QRadar or similar)
- Security certification like CISSP, CEH, GIAC Certified Intrusion Analyst (GCIA) or GIAC Certified Incident Handler (GCIH) or equivalent is a plus

YOU'LL WORK WITH

Must be able to perform successfully in a fast-paced, intellectually intense, service-oriented environment and to interpret rules and guidelines flexibly to enhance the business and in keeping with BCG’s values and culture. Experience working successfully within a complex matrix structured organization is essential. It is necessary to have the ability to understand and manage complex reporting relationships and incorporate multiple cultures.