Boston Consulting Group
Locations : Lisbon London Who We Are Boston Consulting Group partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. BCG was the pioneer in business strategy when it was founded in 1963. Today, we help clients with total transformation-inspiring complex change, enabling organizations to grow, building competitive advantage, and driving bottom-line impact. To succeed, organizations must blend digital and human capabilities. Our diverse, global teams bring deep industry and functional expertise and a range of perspectives to spark change. BCG delivers solutions through leading-edge management consulting along with technology and design, corporate and digital ventures-and business purpose. We work in a uniquely collaborative model across the firm and throughout all levels of the client organization, generating results that allow our clients to thrive. What You'll Do Investigations Oversight Lead complex, high-profile compliance investigations across global BCG offices, from intake to resolution and closure. Scope, plan, and conduct investigations with rigor, ensuring consistency, fairness, and alignment with BCG's Values, Code of Conduct, and regulatory requirements. Identify root causes and partner with stakeholders to design and implement remedial actions that prevent recurrence. Conduct thorough interviews with investigation subjects and witnesses to gather all necessary information and evidence. Establish and uphold rigorous documentation and reporting standards for investigations globally. Risk Assessment & Prevention Analyze investigation outcomes and identify global trends to feed into BCG's global risk assessment projects and inform broader compliance risk management priorities. Recommend enhancements to policies, procedures and controls (including training and comms) based on investigative insights. Share lessons learned across regions and functions to strengthen BCG's global control environment and enhance the maturity of the Compliance programme. Stakeholder Engagement & Decision Enablement Act as a trusted partner and provide strategic counsel to senior stakeholders worldwide on sensitive compliance matters. Collaborate with Risk, Legal, HR, Finance, IT and other functional areas to carry out effective and thorough investigations and to ensure investigative findings drive meaningful change in the organisation. Provide concise, business-relevant updates to executive leadership, escalating significant matters as appropriate. Program Execution & Reporting Develop and deliver investigation reports, dashboards, and thematic analyses for regional and global leadership. Ensure the completeness and accuracy of investigation records in BCG's internal tools and systems. Contribute to the design and implementation of global KPIs and metrics to assess investigative effectiveness and feed into BCG's risk registers. Culture & Training Promote awareness of reporting channels and investigation processes globally, reinforcing a culture of accountability and transparency. Design and deliver training to strengthen investigative capability within the compliance function, as well as other global functions. Team Leadership Provide coaching and mentoring to the Compliance and Risk teams, sharing investigative expertise and best practices. Act as a role model, demonstrating integrity, resilience, rigour and professionalism in handling sensitive matters. YOU'RE GOOD AT Navigating high-stakes, cross-border ethics and compliance incidents with discretion, sensibility, rigour and empathy. Leading investigations in diverse regulatory and cultural contexts. Analysing large and complex datasets from multiple sources to identify and assess compliance issues. Problem-solving and thinking creatively about how to obtain the evidence required to conduct and resolve investigations. Communicating with clarity and authority to senior executives and global stakeholders. Driving consistency and quality in investigative practices across a complex, global organization. Balancing independence with collaboration to achieve fair, thorough and informed outcomes. What You'll Bring Bachelor's degree in a relevant discipline; advanced degree (e.g., JD, MBA, or equivalent) strongly preferred. 6 - 8+ years of experience in compliance, investigations, legal, audit, or related fields, with proven global exposure. Demonstrated expertise in leading complex investigations across multiple geographies and regulatory regimes. Strong knowledge of investigative methodologies and best practices in a multinational setting, including evidence gathering and review, interviewing and report writing. Track record of influencing senior leadership and driving the adoption of remediation measures. Advanced knowledge of Microsoft Office Suite (PowerPoint, Excel, Word); familiarity with case management systems and business intelligence tools (Tableau, Power BI, Mimecast, Microsoft Purview). Commitment to confidentiality and the highest ethical standards. Who You'll Work With You will be part of the Global Compliance team, reporting to the Global Compliance Director, with a reporting line into the Global Head of Compliance and the Chief Risk Officer. The Global Compliance team operates within the Global Risk function. In this role, you will collaborate with colleagues across BCG's global network of regional compliance teams, and work closely with stakeholders including Managing Directors and Partners, Risk & Compliance Nodes, Legal, HR, Finance, Employee Relations, IT and other cross-functional partners. Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in a manner consistent with applicable state and local laws. BCG is an E - Verify Employer. Click here for more information on E-Verify.
Locations : Lisbon London Who We Are Boston Consulting Group partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. BCG was the pioneer in business strategy when it was founded in 1963. Today, we help clients with total transformation-inspiring complex change, enabling organizations to grow, building competitive advantage, and driving bottom-line impact. To succeed, organizations must blend digital and human capabilities. Our diverse, global teams bring deep industry and functional expertise and a range of perspectives to spark change. BCG delivers solutions through leading-edge management consulting along with technology and design, corporate and digital ventures-and business purpose. We work in a uniquely collaborative model across the firm and throughout all levels of the client organization, generating results that allow our clients to thrive. What You'll Do Investigations Oversight Lead complex, high-profile compliance investigations across global BCG offices, from intake to resolution and closure. Scope, plan, and conduct investigations with rigor, ensuring consistency, fairness, and alignment with BCG's Values, Code of Conduct, and regulatory requirements. Identify root causes and partner with stakeholders to design and implement remedial actions that prevent recurrence. Conduct thorough interviews with investigation subjects and witnesses to gather all necessary information and evidence. Establish and uphold rigorous documentation and reporting standards for investigations globally. Risk Assessment & Prevention Analyze investigation outcomes and identify global trends to feed into BCG's global risk assessment projects and inform broader compliance risk management priorities. Recommend enhancements to policies, procedures and controls (including training and comms) based on investigative insights. Share lessons learned across regions and functions to strengthen BCG's global control environment and enhance the maturity of the Compliance programme. Stakeholder Engagement & Decision Enablement Act as a trusted partner and provide strategic counsel to senior stakeholders worldwide on sensitive compliance matters. Collaborate with Risk, Legal, HR, Finance, IT and other functional areas to carry out effective and thorough investigations and to ensure investigative findings drive meaningful change in the organisation. Provide concise, business-relevant updates to executive leadership, escalating significant matters as appropriate. Program Execution & Reporting Develop and deliver investigation reports, dashboards, and thematic analyses for regional and global leadership. Ensure the completeness and accuracy of investigation records in BCG's internal tools and systems. Contribute to the design and implementation of global KPIs and metrics to assess investigative effectiveness and feed into BCG's risk registers. Culture & Training Promote awareness of reporting channels and investigation processes globally, reinforcing a culture of accountability and transparency. Design and deliver training to strengthen investigative capability within the compliance function, as well as other global functions. Team Leadership Provide coaching and mentoring to the Compliance and Risk teams, sharing investigative expertise and best practices. Act as a role model, demonstrating integrity, resilience, rigour and professionalism in handling sensitive matters. YOU'RE GOOD AT Navigating high-stakes, cross-border ethics and compliance incidents with discretion, sensibility, rigour and empathy. Leading investigations in diverse regulatory and cultural contexts. Analysing large and complex datasets from multiple sources to identify and assess compliance issues. Problem-solving and thinking creatively about how to obtain the evidence required to conduct and resolve investigations. Communicating with clarity and authority to senior executives and global stakeholders. Driving consistency and quality in investigative practices across a complex, global organization. Balancing independence with collaboration to achieve fair, thorough and informed outcomes. What You'll Bring Bachelor's degree in a relevant discipline; advanced degree (e.g., JD, MBA, or equivalent) strongly preferred. 6 - 8+ years of experience in compliance, investigations, legal, audit, or related fields, with proven global exposure. Demonstrated expertise in leading complex investigations across multiple geographies and regulatory regimes. Strong knowledge of investigative methodologies and best practices in a multinational setting, including evidence gathering and review, interviewing and report writing. Track record of influencing senior leadership and driving the adoption of remediation measures. Advanced knowledge of Microsoft Office Suite (PowerPoint, Excel, Word); familiarity with case management systems and business intelligence tools (Tableau, Power BI, Mimecast, Microsoft Purview). Commitment to confidentiality and the highest ethical standards. Who You'll Work With You will be part of the Global Compliance team, reporting to the Global Compliance Director, with a reporting line into the Global Head of Compliance and the Chief Risk Officer. The Global Compliance team operates within the Global Risk function. In this role, you will collaborate with colleagues across BCG's global network of regional compliance teams, and work closely with stakeholders including Managing Directors and Partners, Risk & Compliance Nodes, Legal, HR, Finance, Employee Relations, IT and other cross-functional partners. Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in a manner consistent with applicable state and local laws. BCG is an E - Verify Employer. Click here for more information on E-Verify.
Experis
Job Description: Cybersecurity Consultant (Cloud, Data, AI & Microsoft Security) Department: Information Security - (Data & AI team) Duration: Duration 4 months Location : London (Hybrid) Role Overview We are looking for a highly skilled Cybersecurity Consultant with strong expertise across Microsoft Security , Cloud Security , Data Protection , and emerging AI/LLM security and governance . The role focuses on identifying security gaps, defining secure-by-design patterns, supporting product and platform teams, and strengthening enterprise security posture-particularly across Microsoft 365, Azure, data platforms, and AI-enabled solutions. You will play a key role in threat modelling, risk assessments, guardrail design & implementation, and delivering practical security guidance for engineering, data, and application/product teams. Rationale/deliverables: Contribute to the Operating Securely program by providing information security advice and support to product and engineering teams and validate that security controls are in place and issues / vulnerabilities remediated Perform technical risk assessments for proposed new and changing systems, including products that are designed and built by the client as well as the secure deployment and configuration of business applications that report on and analyse data, e.g. Power BI Perform technical risk assessments and advise product and engineering teams on the secure implementation of AI based solutions, e.g. autonomous AI agents, LLMs, LRMs, and AI-enhanced productivity systems Support the roll-out of the new AI information security control framework Support the Data governance team Key Responsibilities Perform threat modelling (STRIDE), guardrail definition, and security posture assessments across applications, data platforms, APIs, cloud services, and SaaS ecosystems. Identify security control gaps , especially around data pipelines, repositories, network security, API security, middleware, and cloud architectures. Conduct technical security risk assessments , produce risk statements/reports, and support teams with remediation and mitigation strategies. Develop security controls, standards, and documentation for product teams, platform engineering, and data services (e.g., pipelines, warehouses, data sources). Provide expert guidance on Microsoft Security Stack , including: Microsoft Defender (XDR, MDE, MDI) Microsoft Entra ID (SSO, MFA, Conditional Access, PIM) Microsoft Purview (DLP, Information Protection, Data Governance, DSPM) Microsoft 365 Copilot & GitHub Copilot security enablement Partner with data governance, platform engineering, DevOps, and architecture teams to embed secure-by-design Support secure adoption of cloud-native technologies (Azure), DevSecOps pipelines, GitOps practices, and GitHub Advanced Security (GHAS). Oversee security controls for cryptography, key management, secrets management, HSM/Key Vault configurations , and cloud network security (firewalls, proxies, segmentation). Drive secure integration of AI/LLM tools , including Copilot, Azure OpenAI, and agentic systems-ensuring proper guardrails, risk assessments, and data protection. Participate in cloud monitoring, detection & incident response , working with SIEM/XDR tooling and platform/application teams. Collaborate closely with data governance to ensure appropriate classification, labeling, access control, and lifecycle management of sensitive data. Essential Skills & Experience Strong understanding of security frameworks (CIS), MITRE ATT&CK, and AI/LLM security frameworks. Hands-on experience with Azure cloud security , DevSecOps, and cloud-native architectures. Expertise with Microsoft 365 Security and Azure Security Strong knowledge of IAM (SSO, MFA, Conditional Access, AAD/Entra, PIM). Experience delivering data security , DLP, DSPM, and governance controls using Microsoft Purview. Practically skilled in AI security , including risk identification, secure integration patterns, and AI governance models. Experience with cloud monitoring, incident response, SIEM/XDR operations. Ability to translate complex security risks into clear business language and actionable recommendations. Desirable Skills Experience with secure data platforms (Azure Data Factory, Data Lake, SQL, or similar). Knowledge of API, container security, Kubernetes, and infrastructure-as-code security. Familiarity with PCI, GDPR, data privacy requirements, and compliance frameworks. Exposure to adaptive protection, insider risk management, and automated DLP frameworks. Personal Attributes Strong communicator able to work across engineering, data, product, and business teams. Highly analytical with a structured approach to problem-solving. Comfortable in fast-paced environments undergoing modernization and AI adoption. Ability to influence teams and drive secure-by-design culture across the organization
Job Description: Cybersecurity Consultant (Cloud, Data, AI & Microsoft Security) Department: Information Security - (Data & AI team) Duration: Duration 4 months Location : London (Hybrid) Role Overview We are looking for a highly skilled Cybersecurity Consultant with strong expertise across Microsoft Security , Cloud Security , Data Protection , and emerging AI/LLM security and governance . The role focuses on identifying security gaps, defining secure-by-design patterns, supporting product and platform teams, and strengthening enterprise security posture-particularly across Microsoft 365, Azure, data platforms, and AI-enabled solutions. You will play a key role in threat modelling, risk assessments, guardrail design & implementation, and delivering practical security guidance for engineering, data, and application/product teams. Rationale/deliverables: Contribute to the Operating Securely program by providing information security advice and support to product and engineering teams and validate that security controls are in place and issues / vulnerabilities remediated Perform technical risk assessments for proposed new and changing systems, including products that are designed and built by the client as well as the secure deployment and configuration of business applications that report on and analyse data, e.g. Power BI Perform technical risk assessments and advise product and engineering teams on the secure implementation of AI based solutions, e.g. autonomous AI agents, LLMs, LRMs, and AI-enhanced productivity systems Support the roll-out of the new AI information security control framework Support the Data governance team Key Responsibilities Perform threat modelling (STRIDE), guardrail definition, and security posture assessments across applications, data platforms, APIs, cloud services, and SaaS ecosystems. Identify security control gaps , especially around data pipelines, repositories, network security, API security, middleware, and cloud architectures. Conduct technical security risk assessments , produce risk statements/reports, and support teams with remediation and mitigation strategies. Develop security controls, standards, and documentation for product teams, platform engineering, and data services (e.g., pipelines, warehouses, data sources). Provide expert guidance on Microsoft Security Stack , including: Microsoft Defender (XDR, MDE, MDI) Microsoft Entra ID (SSO, MFA, Conditional Access, PIM) Microsoft Purview (DLP, Information Protection, Data Governance, DSPM) Microsoft 365 Copilot & GitHub Copilot security enablement Partner with data governance, platform engineering, DevOps, and architecture teams to embed secure-by-design Support secure adoption of cloud-native technologies (Azure), DevSecOps pipelines, GitOps practices, and GitHub Advanced Security (GHAS). Oversee security controls for cryptography, key management, secrets management, HSM/Key Vault configurations , and cloud network security (firewalls, proxies, segmentation). Drive secure integration of AI/LLM tools , including Copilot, Azure OpenAI, and agentic systems-ensuring proper guardrails, risk assessments, and data protection. Participate in cloud monitoring, detection & incident response , working with SIEM/XDR tooling and platform/application teams. Collaborate closely with data governance to ensure appropriate classification, labeling, access control, and lifecycle management of sensitive data. Essential Skills & Experience Strong understanding of security frameworks (CIS), MITRE ATT&CK, and AI/LLM security frameworks. Hands-on experience with Azure cloud security , DevSecOps, and cloud-native architectures. Expertise with Microsoft 365 Security and Azure Security Strong knowledge of IAM (SSO, MFA, Conditional Access, AAD/Entra, PIM). Experience delivering data security , DLP, DSPM, and governance controls using Microsoft Purview. Practically skilled in AI security , including risk identification, secure integration patterns, and AI governance models. Experience with cloud monitoring, incident response, SIEM/XDR operations. Ability to translate complex security risks into clear business language and actionable recommendations. Desirable Skills Experience with secure data platforms (Azure Data Factory, Data Lake, SQL, or similar). Knowledge of API, container security, Kubernetes, and infrastructure-as-code security. Familiarity with PCI, GDPR, data privacy requirements, and compliance frameworks. Exposure to adaptive protection, insider risk management, and automated DLP frameworks. Personal Attributes Strong communicator able to work across engineering, data, product, and business teams. Highly analytical with a structured approach to problem-solving. Comfortable in fast-paced environments undergoing modernization and AI adoption. Ability to influence teams and drive secure-by-design culture across the organization
