Cybersecurity Analyst
Role details
Job location
Tech stack
Job description
You will join BCG's Security Operations team within Information Security and Risk Management, focused on Attack Surface Management. In this role, you will help protect BCG's global multi-cloud environment by monitoring and triaging cloud security findings, applying contextual risk reasoning, and supporting remediation across AWS, Azure, and Google Cloud.
You will also support BCG's growing AI security coverage by helping identify exposure across AI and LLM workloads, cloud services that support AI-enabled applications, and emerging AI-adjacent attack paths. You will work with more senior team members to interpret risk, escalate priority issues, and provide clear, actionable guidance to engineering and platform teams.
You will:
- Monitor, triage, and investigate findings across CNAPP capabilities, including CSPM, CIEM, KSPM, CWPP, IaC security, secrets detection, SCA/SBOM, API security posture, external attack surface management, and AI workload exposure.
- Apply contextual risk reasoning to cloud and AI-adjacent findings, considering exploitability, attack path reachability, effective permissions, data exposure, model access, and potential blast radius.
- Help identify toxic combinations across cloud, identity, workload, API, and AI service configurations that may create meaningful exposure when chained together.
- Investigate zero-day and critical vulnerability exposure across cloud workloads, containerized services, inference endpoints, orchestration layers, and supporting data stores.
- Monitor AI and LLM workload risks such as exposed inference endpoints, overly permissive model access, unsafe secrets handling, vector store exposure, and LLMOps pipeline misconfigurations.
- Support remediation by translating findings into clear, developer-actionable guidance, tracking open items, following up with asset owners, and escalating aged or blocked issues with clear risk context.
- Contribute to shift-left security by reviewing IaC and CI/CD findings, supporting security guardrail adoption, and helping reduce recurring cloud and AI workload misconfigurations.
- Write scripts, improve saved queries, update runbooks, and contribute observations that improve CNAPP signal quality, automation, and operational consistency., You will be part of BCG's Security Operations team within Information Security and Risk Management, focused on Attack Surface Management. You will work closely with cloud engineering, platform engineering, security architecture, threat intelligence, and DevSecOps teams to identify, prioritize, and reduce cloud security risk across BCG's global technology environment. The team operates in a highly collaborative, technically rigorous setting, with a shared focus on clear risk ownership, practical remediation, and continuous improvement.
Requirements
- 2-4 years in information security, including 2+ years in cloud security operations.
- Hands-on experience triaging findings in CNAPP or cloud security platforms.
- Working knowledge of AWS, Azure, or Google Cloud security fundamentals.
- Ability to assess exploitability, permissions, data exposure, and attack path context.
- Basic awareness of AI workload risks, including model access and inference endpoint exposure.
- Clear written communication for developer-facing findings, remediation steps, and escalation notes.
- Python, Bash, or API experience for triage automation and finding enrichment., Preferred certifications are helpful but not required, including AWS Certified Security - Specialty, Microsoft Certified: Azure Security Engineer Associate, Google Professional Cloud Security Engineer, CCSP, or Certified Kubernetes Security Specialist.
Benefits & conditions
Pulled from the full job description
- Paid parental leave
- Parental leave
- 401(k)
- Paid time off
- Vision insurance
- Paid sick time
- Gym membership, In the US, we have a compensation transparency approach.
Total compensation for this role includes base salary, annual discretionary performance bonus, retirement contribution, and a market leading benefits package described below.
- The base salary range for this role in Atlanta is $77,000-$90,000
This is an estimated range, however, specific base salaries within the range depend on various factors such as experience and skill set. It is not common for new BCG employees to be hired at the high-end of the salary range. BCG regularly reviews its ranges to ensure market competitiveness.
In addition to your base salary, your total compensation will include a bonus of up to 12% and a generous retirement contribution that starts at 5% and moves to 10% after 2 years.
All of our plans provide best in class coverage:
- Zero dollar ($0) health insurance premiums for BCG employees, spouses, and children
- Low $10 (USD) copays for trips to the doctor, urgent care visits and prescriptions for generic drugs
- Dental coverage, including up to $5,000 in orthodontia benefits
- Vision insurance with coverage for both glasses and contact lenses annually
- Reimbursement for gym memberships and other fitness activities
- Fully vested Profit Sharing Retirement Fund contributions made annually, whether you contribute or not, plus the option for employees to make personal contributions to a 401(k) plan
- Paid Parental Leave and other family benefits such as elective egg freezing, surrogacy, and adoption reimbursement
- Generous paid time off including 12 holidays per year, an annual office closure between Christmas and New Years, and 15 vacation days per year (earned at 1.25 days per month)
- Paid sick time on an as needed basis
Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in a manner consistent with applicable state and local laws.