Who We Are
Boston Consulting Group partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. BCG was the pioneer in business strategy when it was founded in 1963. Today, we help clients with total transformation: inspiring complex change, enabling organizations to grow, building competitive advantage, and driving bottom-line impact.
To succeed, organizations must blend digital and human capabilities. Our diverse, global teams bring deep industry and functional expertise and a range of perspectives to spark change. BCG delivers solutions through leading-edge management consulting along with technology and design, corporate and digital ventures, and business purpose. We work in a uniquely collaborative model across the firm and throughout all levels of the client organization, generating results that allow our clients to thrive.
What You'll Do
The Director, Cyber Audit & Assurance is a senior leadership role within BCG's Information Security Risk Management organization. Reporting to the Senior Director, Information Security Risk Management, this individual is responsible for leading BCG's global cybersecurity audit, certification, and compliance programs.
The role owns the strategy, governance, and execution of the firm's security certification portfolio, including HITRUST, SOC 2, ISO 27001, ISO 27017, ISO 42001, Cyber Essentials, TISAX, ENS, and other regional, industry-specific, and regulatory requirements. Working across Information Security, Technology, Legal, Privacy, Risk Management, and business stakeholders, the Director ensures that security controls remain effective, certifications are maintained, and the organization is prepared to meet evolving regulatory, client, and market requirements.
Given the firm's significant U.S. regulatory, healthcare, and client-driven certification obligations, this role requires deep expertise in U.S. cybersecurity compliance frameworks and regular engagement with U.S.-based auditors, legal stakeholders, and business leaders.
This leader provides oversight of external audits, certification activities, and regulatory assessments while driving continuous improvement across BCG's cybersecurity control environment.
Key Responsibilities
What You'll Bring
Preferred Qualifications
The successful candidate is a strategic, business-oriented cybersecurity leader who combines deep audit, certification, and compliance expertise with strong executive presence. They are capable of translating complex regulatory and certification requirements into practical business outcomes, influencing stakeholders at all levels, and leading global programs that directly support client trust and business growth.
This role requires exceptional communication, collaboration, and leadership skills, as well as the ability to operate effectively in a fast-paced, global, and highly matrixed environment.
Additional info
In the US, we have a compensation transparency approach.
Total compensation for this role includes base salary, annual discretionary performance bonus, retirement contribution, and a market-leading benefits package described below.
This is an estimated range; however, specific base salaries within the range depend on various factors such as experience and skill set. It is not common for new BCG employees to be hired at the high end of the salary range. BCG regularly reviews its ranges to ensure market competitiveness.
In addition to your base salary, your total compensation will include a bonus of up to 30% and a generous retirement contribution that starts at 5% and moves to 10% after 2 years.
All of our plans provide best-in-class coverage:
Zero dollar ($0) health insurance premiums for BCG employees, spouses, and children
Low $10 (USD) copays for trips to the doctor, urgent care visits and prescriptions for generic drugs
Dental coverage, including up to $5,000 in orthodontia benefits
Vision insurance with coverage for both glasses and contact lenses annually
Reimbursement for gym memberships and other fitness activities
Fully vested Profit Sharing Retirement Fund contributions made annually, whether you contribute or not, plus the option for employees to make personal contributions to a 401(k) plan
Paid Parental Leave and other family benefits such as elective egg freezing, surrogacy, and adoption reimbursement
Generous paid time off including 12 holidays per year, an annual office closure between Christmas and New Year's, and 15 vacation days per year (earned at 1.25 days per month)
Paid sick time on an as-needed basis
Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in a manner consistent with applicable state and local laws.
BCG is an E-Verify Employer.