
Global Cybersecurity Director - Security Operations

Boston Consulting Group (BCG)
London
3 days ago

Who We Are

Boston Consulting Group partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. BCG was the pioneer in business strategy when it was founded in 1963. Today, we help clients with total transformation: inspiring complex change, enabling organizations to grow, building competitive advantage, and driving bottom-line impact.

To succeed, organizations must blend digital and human capabilities. Our diverse, global teams bring deep industry and functional expertise and a range of perspectives to spark change. BCG delivers solutions through leading-edge management consulting along with technology and design, corporate and digital ventures—and business purpose. We work in a uniquely collaborative model across the firm and throughout all levels of the client organization, generating results that allow our clients to thrive.

What You'll Do

Security Continuous Monitoring Oversight

  • Establish and lead BCG’s first enterprise-wide Cybersecurity Continuous Monitoring (CSCM) program, ensuring continuous visibility into system, endpoint, network, and cloud activity.
  • Define and implement governance models, including ownership of monitoring metrics (e.g., MTTD, MTTR, false positive rate, coverage completeness).
  • Stand up monitoring processes and integrate telemetry sources across SIEM, EDR, identity, network, and cloud platforms.
  • Ensure monitoring outputs are actionable, enriching detection and response activities and informing risk and compliance stakeholders.

Technical Architecture & Integration

  • Design and implement a continuous monitoring reference architecture, leveraging SIEM, SOAR, UEBA, and threat intelligence.
  • Establish enterprise logging standards covering log coverage, retention, encryption, access, and integrity requirements.
  • Drive automation of monitoring workflows and correlation logic to reduce dwell time and improve detection accuracy.
  • Collaborate with threat intelligence teams to ensure real-time enrichment of event data and alignment with MITRE ATT&CK adversary tactics.

Program & Capability Development

  • Build the CCM capability from the ground up, defining the operating model, reporting cadence, and engagement with SOC, risk, and compliance.
  • Develop and track KPIs, ensuring CCM effectiveness is measurable and communicated to senior stakeholders.
  • Prioritize creation of top 5–10 operational dashboards and reports that provide critical enterprise visibility.
  • Mature the function from initial operational capability (M1) toward advanced maturity, embedding continuous improvement cycles.

Strategic Leadership

  • Serve as the founding leader for the CCM function, creating the strategy, roadmap, and tactical build plan.
  • Partner with enterprise stakeholders across IT, Risk, and Security to align monitoring with business risk tolerance and resilience objectives.
  • Influence senior leaders by translating technical telemetry insights into business-relevant intelligence.
  • Build, inspire, and retain a high-performing team of analysts and engineers over time, leveraging both full-time staff and contractors.
  • Advise senior leadership (via SecOPS) on monitoring-driven insights, risks, and mitigation recommendations.

What You'll Bring

  • Bachelor’s degree (or equivalent). Master’s preferred.
  • 10+ years in cybersecurity operations, with at least 5 years in security monitoring, SOC leadership, or equivalent detection & response functions.
  • Proven track record of building or maturing monitoring capabilities (SIEM, SOAR, telemetry pipelines, UEBA, threat intel integration).
  • Knowledge of log ingestion, normalization, correlation, and enrichment processes.
  • Familiarity with leading monitoring technologies: Splunk, DataDog, Microsoft Defender, CrowdStrike Falcon, Azure/AWS/GCP telemetry, threat intelligence platforms.
  • Expertise in metrics-driven monitoring: defining, tracking, and reporting MTTD, MTTR, false positive rates, and coverage completeness.
  • Familiarity with frameworks like NIST CSF, MITRE ATT&CK, and ISO 27001, with experience applying these to monitoring.
  • Experience in threat hunting, anomaly detection, and behavioral analytics.
  • Strong leadership skills: able to recruit, mentor, and develop a high-performing team in a newly established function.
  • Executive presence: able to present complex monitoring data and risks to senior leadership in clear, concise business terms.

Additional info

COMPETENCIES: Director, Cybersecurity Continuous Monitoring

Leads a critical security function with measurable business impact. Establishes foundational capabilities, manages delivery, and develops a growing team to support BCG’s enterprise security posture.

Technical & Functional Expertise

  • Develops and executes the continuous monitoring strategy, aligned to enterprise security goals and SecOPS direction.
  • Demonstrates deep technical expertise in telemetry ingestion, SIEM/SOAR integration, log management, and threat intelligence enrichment.
  • Serves as a recognized expert in monitoring and detection, providing guidance to peers and influencing related security domains.
  • Codifies monitoring practices and standards into repeatable processes and playbooks, reducing reliance on ad hoc approaches.
  • Evaluates and pilots emerging monitoring technologies; ensures adoption of digital tools to scale efficiency and coverage.

Problem Solving & Insight

  • Frames monitoring and detection challenges in business-relevant terms (risk, resilience, compliance).
  • Uses data-driven methods (metrics such as MTTD, MTTR, false positives) to identify control gaps and inform improvements.
  • Translates complex monitoring outputs into actionable insights for stakeholders across IT, Risk, and Security.
  • Innovates in detection methodologies, leveraging behavioral analytics, anomaly detection, and adversary simulations.
  • Acts as a problem-solver during incidents, ensuring monitoring outputs guide rapid containment and response.

Effectiveness & Value Creation

  • Leads the build-out of the CCM function from the ground up, establishing governance, processes, and reporting.
  • Structures, plans, and executes monitoring programs and initiatives, balancing near-term needs with long-term maturity goals.
  • Delivers measurable outcomes (visibility, faster detection, reduced dwell time) that directly enhance business resilience.
  • Proactively manages resources, balancing full-time staff and contractors to deliver capability within deadlines.
  • Prioritizes actions with the highest impact on reducing enterprise cyber risk.

Role Model

  • Operates with integrity, safeguarding BCG and client data through responsible monitoring practices.
  • Promotes a culture of transparency, accountability, and data-driven decision-making in the team.
  • Demonstrates perseverance and adaptability in building a new function with high visibility and expectations.
  • Creates an inclusive working environment that values diverse technical and analytical perspectives.
  • Leads by example, modeling sustainable workload practices even under incident-driven pressure.

Communication, Presence & Influence

  • Develops and delivers clear dashboards, reports, and executive communications on monitoring outputs.
  • Shapes perspectives by translating technical monitoring metrics into risk- and business-relevant insights.
  • Communicates effectively across technical and non-technical audiences, ensuring alignment with IT and business leaders.
  • Leads conversations in operational reviews, incident post-mortems, and governance forums.
  • Encourages open dialogue within the team, and fosters credibility with cross-functional partners.

Teaming & Collaboration

  • Builds strong partnerships with SOC, Offensive Security, IT Operations, and Security Architecture teams.
  • Develops productive relationships across regions and business units to expand telemetry coverage.
  • Works collaboratively with compliance, risk, and audit to align monitoring with enterprise governance.
  • Anticipates and manages conflicts in data ownership, tool coverage, and priorities, resolving them constructively.
  • Promotes knowledge-sharing across security teams, reducing silos and strengthening collective defense.

People Development & Leadership

  • Defines the vision and purpose of the CCM function, instilling clarity and purpose for the team.
  • Coaches and mentors analysts, engineers, and contractors to expand monitoring expertise.
  • Provides stretch opportunities for team members to develop technical and leadership skills.
  • Balances empowerment and oversight — ensuring autonomy in monitoring activities while maintaining governance discipline.
  • Leads quality team meetings, defines clear objectives, and ensures alignment to SecOPS priorities.
  • Provides frequent developmental feedback, fostering a culture of continuous learning and improvement.

Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in a manner consistent with applicable state and local laws.

BCG is an E-Verify Employer.

Seniority level: Director

Employment type: Full-time

Job function: Other, Information Technology, and Management

Industries: Business Consulting and Services
