About The Role The Sr Cloud Network Security Engineer serves as the security engineering subject matter expert for all cloud networks and reports to the Manager of Network Security. This role will provide technical expertise needed to design, implement and support day-to-day of cloud network security. Lead efforts to maintain complex and diverse network topology that must meet the needs of a challenging set of development, operations and business requirements. Demonstrating innovative approaches to solving the unique challenges encountered. This role ensures the security network integrity and continuity of the cloud across the enterprise and subsidiaries. What The Candidate Will Need / Bonus Points What the Candidate Will Do

1. Participate in global team environments, solving problems around the world.
2. Define and ensure compliance with security policies, processes and standards to build a comprehensive Operational Technology security program
3. Support Cloud Network Component in hybrid model with on-prem Network connectivity.
4. Maintain expertise of industry standard and leading network security services and systems
5. Maintain and create useful, accessible, network documentation that can be shared with internal users, other teams, and auditors.
6. Continue to drive existing and establish new company wide security standards and practices
7. Enable the business while maintaining a strong security posture within the industry best practices framework.
8. Manage vendor relationships and proof of concept engagements.
9. Experience with the creation and maintenance of DNS records, DNS zones, & DNSSEC.

Basic Qualifications

1. 7+ years of NetSec Architecture experience with NGFW, Proxies, VPNs, NSM, and LBs
2. 5+ years of Network Engineering experience (Cloud or traditional)
3. 5+ years of hands on Cloud Architecture and engineering experience (ie: AWS, GCP, or OCI)
4. 3+ years in a dedicated security engineering role
5. 3+ years of general python or golang scripting experience
6. Working knowledge hybrid cloud attack vectors , Network protocols and packet analysis
7. Working knowledge of Infrastructure as Code (IaC) and CI/CD
8. Working knowledge of scalable and cross cloud provider secure and scalable solutioning
9. Working knowledge of network routing, HTTP and API protocols security
10. Working knowledge of networking securely with high bandwidth and availability requirements
11. Working knowledge of project management and strong interpersonal skills

What the Candidate Will Do

1. Deep GCP and/or OCI network security experience
2. Strong understanding of OSI layers
3. Automation and Integration knowledge
4. Red Team or Blue Team / Attack Analyst background

Project Description: BAU/Project/Risk Assessment in the areas of information and cyber security across the business Responsibilities:

1. Understand and work with the business as well as with the Cyber Security team to identify, define and implement cyber security requirements for the organization
2. Knowledge of cloud architecture to support the infrastructure and software engineering team in the design and implementation of secure architectures
3. Support and further development our SOC
4. Manage vulnerability assessment and work closely with stakeholders to fix detected vulnerabilities to maintain a high security standard
5. Perform in-depth analysis of security related monitoring events and define follow up activities
6. Engage in and coordinate cyber reviews and penetration tests
7. Ensure that the company knows as much as possible, as quickly as possible about security threats and incidents (internal/ external)
8. Perform maintenance, deployment and enhancement of the security infrastructure in line with best practices
9. Knowledge of security governance frameworks for managing cyber risk and reporting
10. Conduct and follow up for phishing campaigns
11. Provide guidance to IT resources on secure configuration of systems, permissions, new projects, products & relationships
12. Scripting and automation of common tasks/procedures
13. Participation in industry led events and keeping up-to-date with industry trends

Mandatory Skills:

1. Bachelor's degree in related field from red brick university
2. Strong understanding of Information Security within an enterprise environment
3. Responsive and adaptive in a dynamic, collaborative work environment
4. Service oriented, accurate, effective and independent working style, even under pressure
5. Driven and self-motivated person with the ability to maintain the highest level of confidentiality

ESSENTIAL

1. 1. Knowledge of security systems including proxy servers, firewalls, intrusion detection systems, authentication systems, log management, content filtering, data leakage protection, endpoint tools, etc.
   2. Knowledge of coordinating responses to security incidents, or operating in a SOC environment
   3. Knowledge of IT infrastructure (virtualization, security and network services)
   4. Strong scripting/programming language experience (e.g. Python/Powershell)
   5. Conduct vulnerability assessment and remediation to a high security standard
   6. Strong understanding of identity management, supporting protocols and applied cryptography
   7. Intrusion analyst skills (traffic analysis, event correlation) and analysis/tuning of IPS/IDS/SIEM/DLP/EDR deployments
   8. Ability to analyse and interpret network, system, security and application logs in order to diagnose faults and spot abnormal behavior
   9. Excellent understanding of information security principles and practices
   10. The ability to express yourself clearly and logically both orally and in writing (English)
   11. The ability to produce high quality, written security documentation

Nice-to-Have Skills:

1. DevSecOps skills for reviewing and support Infrastructure as Code (IaC) or CI/CD piplelines is a plus Experience in DLP analysis and tuning
2. Security related certifications is a plus
3. Master's degree in Cyber Security
4. Desire to work in a financial/regulated environment.

POSITION SUMMARY: The Incident Responder/Threat - Cyber Security Sr. Manager (IR/TH) is an experienced position within the CSIRT and will play a pivotal role in identifying, analysing, and mitigating potential cybersecurity threats. The ideal candidate will have a strong background in threat hunting, cyber threat intelligence, and incident response, along with a deep understanding of various attack vectors and techniques. You will work to proactively identify emerging threats, conduct in-depth investigations, and contribute to enhancing our organization's overall security posture. You interact closely with BCG’s SIEM and MSSP to enhance detection capabilities and understand the current threats against BCG’s network and provides Tier 3 incident response support. These tasks ensure that all cyber security incidents are accessed and communicated to relevant stakeholders in a timely manner. You will work with various teams inside BCG (Information Management Team, Global Functions and IT) and with vendors, suppliers, and partners to support the SOC’s mission of preventing, detecting, and responding to cyber threats. This Incident Response / Threat Hunting role is an integral part of our CSIRT team and will require the incumbent to play a proactive role in identifying and mitigating emerging cyber threats. In addition, the role will involve providing expert guidance and advice to analysts during security incidents, enhancing the team's incident response capabilities and contributing to the overall cybersecurity posture of the organization. What you will do , but not limited to:

1. Conduct proactive threat hunting exercises to identify advanced and persistent threats within the organization's network and systems.
2. Collaborate with cross-functional teams to develop and refine threat hunting methodologies, leveraging both internal and external threat intelligence sources.
3. Analyze threat data from various sources, including logs, network traffic, and endpoints, to identify indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with cyber threats.
4. Investigate and respond to security incidents, analyzing the scope and impact of breaches, and developing mitigation strategies.
5. Provide expertise in analyzing malware and malicious artifacts to understand their functionality and potential impact.
6.  Create and maintain detailed documentation of threat hunting processes, findings, and incident response procedures.
7. Produce timely and accurate reports on threat hunting activities, findings, and recommended actions to stakeholders and management.
8. Contribute to the development of playbooks, standard operating procedures, and other documentation to enhance the incident response process.
9. Strong understanding of common cyber-attack techniques, such as phishing, malware propagation, lateral movement, and data exfiltration.
10. Collaborate with the incident response team to develop and enhance incident response playbooks, ensuring alignment with threat intelligence insights.

What you are Good at : Under the general direction of the Information Security Manager or delegate and working with other IT, BST, etc. throughout the firm, the roles will perform the following functions: Participate as an integral part of the CSIRT Team, Risk and IT in general.

1. Work closely with CSIRT team people & technology to detect, assess, and communicate cyber threats.
2. Proactively monitoring and analyze logs via the SIEM for indicators of attack.
3. Lead proactive threat hunting initiatives, utilizing both internal and external threat intelligence sources, to identify potential threats and vulnerabilities.
4. Develop and refine threat hunting methodologies, leveraging indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), and threat actor profiles.
5. Collaborate closely with cross-functional teams to provide timely and relevant cyber threat intelligence updates, contributing to strategic security decisions.
6. Perform in-depth analysis of threat data from various sources to identify patterns, correlations, and trends, and translate findings into actionable intelligence.
7. Create and disseminate timely threat intelligence reports and alerts to stakeholders, enabling informed responses to emerging threats.
8. Define SIEM use cases to collect, monitor and analyze data to discover and discern trends, threats, and security risks associated with BCG assets and information.
9. Incorporating emerging threat intelligence and zero-day vulnerabilities into new detection content, as well as evaluating detection value and exposure throughout the entire detection lifecycle, including retirement and deprecation.

Maintain up-to-date knowledge of the cyber security industry as it relates to BCG including:

1. Threat Hunting Frameworks & Methodologies
2. Attacker methods and TTPs
3. Standards, regulations, and legislation
4. Technologies and solutions
5. Industry best practices
6. Threats and vulnerabilities

Provide input and represent client interests in the areas of:

1. Threat Hunting, Incident response and investigation
2. Incident response management for client security incidents
3. Work with IT Directors, Managers, Architects and staff to implement, monitor and maintain Confidentiality, Availability and Integrity of BCG information assets.
4. Track and manage materials provided to external providers and clients.
5. Maintain information security credentials and certifications as required to present a credible presence to internal and external audiences.

You Bring (experience & Qualifications)

1. Bachelor’s degree (or equivalent) in Computer Science, Cybersecurity, Information Security, or a related field.
2. Minimum 10 years of information security experience, with a very strong technical background.
3. Demonstrated Threat Hunting, Threat Intelligence and Incident Response experience.
4. Strong experience with threat hunting methodologies and tools, including but not limited to SIEM platforms, EDR solutions, network traffic analysis tools, and threat intelligence feeds.
5. Proficiency in analysing and interpreting security logs, network traffic, and endpoint data to identify and investigate potential security incidents.
6. Ability to craft advanced SPL to fulfil detection criteria, with a background in fine-tuning and testing use cases, adjusting SPL logic accordingly for optimal performance will be a great value add.
7. Strong analytical, problem-solving, and critical-thinking skills, with the ability to work effectively in high-pressure situations.
8. Experience with threat intelligence frameworks and methodologies, including STIX/TAXII, MITRE ATT&CK framework, and other relevant standards.
9. Expertise in analyzing malware and malicious artifacts, employing both static and dynamic analysis techniques.
10. Security certification like GIAC Cyber Threat Intelligence (GCTI), GIAC Certified Intrusion Analyst (GCIA) or GIAC Certified Incident Handler (GCIH) or equivalent a plus.

KEY COMPETENCIES: Technical and functional expertise

1. Requires an advanced level of professional knowledge in information technology and security developed through a combination of advanced degrees in information technology and hands on experience.
2. Must have previous career development experience which has provided management skills, motivational skills, interpersonal skills, and outstanding organizational effectiveness.
3. Knowledge of the legal and regulatory landscape related to security and privacy in an international environment.
4. Very strong business sense with ability to relate technology issues to business.
5. Requires strong analytical skills and abilities including an extensive knowledge of software, database, operating systems, client server architecture and voice and data communication services and facilities, security and privacy, in an international setting.
6. Perform in-depth analysis of threat data from various sources to identify patterns, correlations, and trends, and translate findings into actionable intelligence.
7. Communication, interpersonal and teaming skills
8. Outstanding verbal and written communications skills are a must because of the requirement to represent BCG in communications with clients.
9. Calm demeanour, grace under fire, outstanding listening skills

Leadership, impact, and change

1. High level of initiative and self-motivation, resourceful, and patient with an iterative process
2. Ability to gain trust and commitment of others at different levels of the organization.
3. Proven ability to challenge traditional way of operating and moving beyond the obvious
4. Translates BCG’s broader strategic objectives and cascades these into own work plans, metrics and teamwork plans.
5. Works effectively with significant ambiguity and fluctuating priorities and constrains.

Work management, organization and planning

1. Ability to evaluate and prepare detailed project plans for technology projects that will be implemented across the business. Manage local and global technology problems and direct staff in resolution of such problems. Evaluate and advise on the technology and systems components associated with projects adopted by BCG corporate and offices.
2. Ability to monitor projects and direct staffs to ensure projects are aligned with the strategic objectives of the business.

Customer and business focus

1. Focuses on the most critical issues that have the highest impact on the organization and business needs • Working mode: “enabling”, “value adding” and “expanding” • Treats all others with respect; generate trust

People management

1. This position requires interaction with BCG Partners, BCG Case Team staff, client legal and security staff, Administrative Management, vendors, IT Management and Staff, Legal Department, Finance, Vendors, etc. Very strong relationship skills are essential. Excellent Leadership and teaming skills are required

Values and ethics

1. Strong sense of confidentiality and integrity
2. Treats others with respect and generates trust
3. Establish relationships based on respect, trust and integrity.

Job Purpose: The Cloud SecOps team operates following 4 streams: Incident management, Vulnerability management, External exposure & Cloud hardening. We are currently looking for a cybersecurity expert who would have a primary focus on Cloud Hardening stream. She/he would primarily Organize and run the Cloud Hardening Stream with capacities to

1. Define Security levels for each environment based on the criticality
2. Define & Drive the mitigation/remediation thru the Ops Organization
3. Provide the right visibility to the cybersecurity leader of the platform.
4. Collaborate with the corporate security department to align on the policies

Tools Used: Qualys, Tenable, Prisma Cloud, Azure Sentinel, Defender for Cloud She/he would also be supporting other streams and be the backup for 1 or more other streams. Tools Used: Qualys, Tenable, Prisma Cloud, Azure Sentinel, Defender for Cloud Qualifications The candidate is expected to have the following qualifications:

1. 6+ years of relevant experience in cybersecurity, especially around
2. Azure security services and operations
3. Azure Policies and Guardrails
4. Networking & Firewalling expertise
5. Security operations management
6. Familiar with Agile processes & continuous integration frameworks
7. Experience with PaaS/IaaS environments in Microsoft Azure, an experience is Landing Zone is a plus.
8. Experience in a small/medium organization delivering services inside a large ecosystem would be a plus.
9. Certifications such as ethical hacking, Azure Security certification (AZ 500) would be a plus

Personal qualities & behavioral traits

1. Clear communication in English – written and verbal – able to discuss with a wide range of different profiles/cultures/management levels.
2. Team player able to find its place in our Ops community and to lead by influence
3. Tech-savvy Information Security Professional able to think beyond classic IaaS-based security paradigms: a large part of the IoT offers and platforms is PaaS- or SaaS-based (Azure/AWS) and involves IoT technologies, thus making classic IT perimetric security approaches inefficient
4. Autonomous and proactive Information Security professional able to propose and implement solution in our agile and fast-moving IoT environment.

Education: Master's or Bachelor’s degree in Computer Science, Computer Engineering or related technical disciple

About The Role As a Automotive Cyber security Architect will contribute to shape the future automotive security architectures by analysing the System architecture, designs, identifying the potential security gaps and suggesting appropriate solutions. You will be part of the growing Cyber security team working on the futuristic connected cars solutions. What You Will Do

1. Perform Threat Analysis and Risk Assessment – TARA as per ISO 21434. Work with Threat modeling tools and more.
2. Act as an interface between the Project Cyber security Manager (PCSM) and Project SYS/HW/SW Architects.
3. Produce/Designate cyber security work products required in cyber security concept phase (e.g. cyber security goal, cyber security concept, cyber security claim)
4. Design Security Architectures and security controls
5. Review cyber security goal and cyber security concept with SYS/HW/SW architects to produce verification reports
6. Support the cyber security engineer to develop cyber security work products in development phase (e.g. cyber security specification, cyber security requirements for post-development)
7. Review system architecture changes to re-evaluate the state of system cyber security.

What You Need

1. Bachelor’s degree in Computer Science Engineering / ECE / EEE or equivalent
2. Atleast 8 yrs of Automotive or Embedded system experience with 5 yrs of experience in automotive cybersecurity architectures.
3. Proven experience in conducting TARA according to ISO 21434
4. Good understanding of the ISO 21434 standard.
5. In-depth knowledge of Automotive cybersecurity concepts, including secure coding guidelines and Cryptographic algorithms.
6. Good collaboration and communication skills.

What Is Nice To Have

1. Knowledge and experience in the following standards : ISO 21434 and its certification, UNECE R155, A-SPICE
2. CSMS (Cybersecurity management systems ) and related processes
3. Risk Management Frameworks, NIST Cybersecurity Framework, NIST Risk Management Guidelines.

Roles and Responsibilities:

Industry Experience:

• Previous experience in the field of cyber security with 8+ Years engagement experience
• Candidates with at least 10 Years of relevant experience, which may include roles such as security analyst, network administrator, or system administrator.
• Practical knowledge of industry best practices and compliance regulations is highly valued.

Leadership and Communication Skills:

1. A cyber security manager is expected to lead and manage a team of security professionals.
2. Strong leadership abilities with excellent communication and interpersonal skills are essential for collaborating with stakeholders across different departments, including IT, legal, and executive management.

Strategic Planning:

1. Develop and execute the organization’s cyber security strategy.
2. Align security initiatives with business goals and risk management.

Risk Management:

1. Identify and assess cyber risks.
2. Implement risk mitigation strategies and ensure compliance with regulations.

Budgeting and Resource Allocation:

1. Allocate resources effectively to enhance cyber security.
2. Manage the budget for security initiatives.

Stakeholder Communication:

1. Collaborate with senior management, board members, and other executives.
2. Provide regular updates on cyber security posture and incidents.

Incident Response and Crisis Management:

1. Oversee incident response plans.
2. Coordinate crisis management efforts during security incidents.

Job Description:

You may be the ideal candidate if you have hands-on experience in:

· ISO 26262 Safety and Cyber Security with expertise on Software Design and Architecture

• Reviewing all the BSW modules configuration – OS, Communication Stack(J1939), vBase, vlink, Memmap, and Wdg
• Verifying if the configuration meets AUTOSAR & application requirements
• Performing third-party MCAL Integration using DaVinci
• BSW Integration & Workspace creation (Focus items – Linker, Startup, and Vector Table)