Cybersecurity Practice Lead

18 Jun 2024

Vacancy expired!

Technology & DigitalCybersecurity Practice LeadWho You'll Work WithYou will be based in Atlanta, Washington DC, Dallas, New York City, Chicago, or Waltham, and be part of the One Firm Cybersecurity (OFCS) team. You will work directly with practice leadership, engagement teams and product teams on a range of information security, data protection, and governance, risk and compliance activities, including client assurance, policy compliance, vulnerability management, risk assessments, and incident response.Sitting within the OFCS Client Practice Cybersecurity team, you will be deployed to one of McKinsey's specific practice areas full-time, and will be responsible for implementing an information security program that meets both McKinsey policies and standards and the expectations of our clients. This will involve operating and continually improving existing information security processes, as well as the development of new processes in response to evolving threats and business opportunities.What You'll DoYou will act as a security point of contact for one of McKinsey's core practices with additional support from the rest of the OFCS organization.In this role, you will leverage OFCS to continually improve the security posture of applications and solutions developed within the practice by ensuring risks are identified and appropriately mitigated. You will provide client assurance via proposal requests, contract reviews, security questionnaires, and other due diligence processes.You will drive with the promotion and adoption of secure development lifecycle, DevSecOps and Cloud security policies, standards and guidelines and contribute to the development and continual improvement of the OFCS strategy. You will provide reporting on security compliance, incidents, Key Performance Indicators (KPIs) and Objectives and Key Results (OKRs). You will also deliver and represent the priorities of the practice back to OFCS Leadership.QualificationsBachelor's or master's in information security, computer science or other technical discipline3+ years of experience in an information security roleTechnical understanding of a range of enterprise IT and cloud-based architectures and technologies, such as networking, server infrastructure, operating systems, web applications, databases, containerization, mobileWorking knowledge of common information security controls, guidelines and standards, such as ISO27001, OWASP, SOC 2, NISTExperience of conducting risk assessments, threat modeling and information security reviews, and auditsStrong analytical and organizational skills and the ability to work independently, as well as part of a wider team, with minimal supervisionExperience with security technologies and tooling, e.g. vulnerability scanners, firewalls, network monitors, IAM, SIEM, IDS/IPSKnowledge of privacy and data protection regulations, e.g. GDPR, CCPA, HIPAAKnowledge of Secure Software Development Lifecycle and DevSecOpsCISSP, CISA, CIPP or other security/privacy related certificationsCOVID-19 vaccination mandate:Employment with McKinsey & Company, Inc. in the United States and Canada is conditioned on proof of full vaccination against the COVID-19 virus (with a WHO-approved or Health Canada-approved COVID-19 vaccine, as applicable) or approval of an exemption due to a qualifying medical condition or sincerely held religious belief prior to start date.FOR U.S. APPLICANTS: McKinsey & Company is an Equal Opportunity/Affirmative Action employer.All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, For full info follow application link.Equal Opportunity Employment Disclaimer McKinsey & Company is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, and other protected characteristics.

Full-time
  • ID: #43291938
  • State: Georgia Atlanta 30301 Atlanta USA
  • City: Atlanta
  • Salary: USD TBD TBD
  • Showed: 2022-06-18
  • Deadline: 2022-08-18
  • Category: Et cetera