Who We Are

Boston Consulting Group partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. BCG was the pioneer in business strategy when it was founded in 1963. Today, we help clients with total transformation-inspiring complex change, enabling organizations to grow, building competitive advantage, and driving bottom-line impact.

To succeed, organizations must blend digital and human capabilities. Our diverse, global teams bring deep industry and functional expertise and a range of perspectives to spark change. BCG delivers solutions through leading-edge management consulting along with technology and design, corporate and digital ventures—and business purpose. We work in a uniquely collaborative model across the firm and throughout all levels of the client organization, generating results that allow our clients to thrive.

What You'll Do

The Cloud Security Engineer will lead the implementation and management of BCG X’s product and cloud infrastructure security programs, with a specific emphasis on securing Machine Learning and AI workloads and integrating security best practices within software engineering and Site Reliability Engineering (SRE) processes. This role aligns closely with Information Security & Risk Management standards, ensuring robust security posture within a Software as a Service (SaaS) environment.

What You'll Bring

5+ years experience in software engineering, cloud infrastructure, or SRE roles with explicit responsibilities related to security implementation.3+ years of dedicated experience securing Machine Learning or AI workloads in SaaS environments.Deep understanding of cloud security practices in Azure, AWS, or GCP, specifically tools like Azure Security Center, AWS Security Hub, GCP Security Command Center, CPSM, and modern SIEM solutions.Expertise in container orchestration platforms and securing containerized applications (Docker, Kubernetes).Proven track record designing and implementing robust security controls across web applications, APIs, networks, and databases.Experience integrating automated security tooling within CI/CD pipelines and infrastructure as code (IaC).Strong knowledge of identity and access management (IAM), threat modeling, and vulnerability assessment and remediation practices.Familiarity with regulatory frameworks and standards such as SOC 2, ISO 27001, CSA CCM, and secure software development standards.Security certifications such as CISSP, CISM, or equivalent preferred.Exceptional communication skills to effectively collaborate with stakeholders, translate complex security concepts clearly, and act as a trusted advisor for technical and business decision-makers.

Who You'll Work With

You will work in a fast-paced, intellectually challenging, product-oriented environment. You will work with application developers, product managers and cloud infrastructure teams to provide security expertise and guidance. You will be a part of an enthusiastic and motivated team of security professionals in support of delivering software and data solutions to our clients.

Additional info

YOU’RE GOOD AT

Partnering closely with engineering, product, and infrastructure teams to embed security within Machine Learning pipelines, software development lifecycles (SDLC), and operational processes.Designing, implementing, and managing security solutions tailored specifically to secure complex ML/AI workloads.Collaborating with SRE and DevOps teams to enhance infrastructure resiliency and automate security practices, minimizing operational risks.Evaluating and mitigating risks in containerized environments (Docker, Kubernetes), including vulnerability management and runtime protection.Conducting and reviewing security assessments, proactively identifying vulnerabilities, and prioritizing remediation strategies with development and infrastructure teams.Enhancing visibility and security analytics capabilities, including SIEM, threat detection, incident response automation, and security logging specific to ML workloads.Developing and implementing proactive monitoring solutions and operational security controls tailored to secure cloud-native architectures.Keeping informed of emerging security threats, particularly those targeting AI/ML environments, container security, and cloud-native technologies.

Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in a manner consistent with applicable state and local laws.\n
BCG is an E - Verify Employer. Click here for more information on E-Verify.