The Director, Cyber Audit & Assurance is a senior leadership role within BCG's Information Security Risk Management organization. This position is responsible for leading BCG's global cybersecurity audit, certification, and compliance programs. The role involves managing the strategy, governance, and execution of the firm's security certification portfolio. The Director will work closely with various stakeholders to ensure effective security controls and compliance with evolving regulatory requirements.

• Bachelor's degree in Information Security, Cybersecurity, Information Systems, Risk Management, Business, or related field.
• 12+ years of experience in cybersecurity, information security, audit, risk management, compliance, or assurance functions.
• 5+ years of leadership experience managing enterprise-scale assurance, audit, or compliance programs.
• Deep expertise with HITRUST, SOC 2, ISO 27001, ISO 27017, ISO 42001, Cyber Essentials, TISAX, ENS, and related frameworks.
• Strong working knowledge of NIST Cybersecurity Framework (CSF), NIST 800-53, and NIST 800-171.

• Own and lead BCG's global cyber audit, certification, and compliance portfolio.
• Serve as executive owner for various certification programs including HITRUST, SOC 2, and ISO standards.
• Define and execute the firm's multi-year cyber audit and certification strategy.
• Lead certification audits, surveillance reviews, and external assessments globally.
• Manage relationships with external auditors, certification bodies, assessors, regulators, and client audit teams.
• Drive remediation planning and closure of audit findings across global stakeholders.
• Advise business leaders on certification and regulatory requirements.
• Monitor emerging regulatory, assurance, and AI governance requirements.
• Develop executive reporting, KPIs, and governance materials for senior leadership.
• Build, mentor, and lead a high-performing cyber audit and assurance team.

• Employees at BCG are often offered comprehensive medical, dental, and vision coverage with no monthly premiums and $10 copays, plus mental-health resources (EAP, telehealth, meditation app), medical second opinions, FSAs, annual fitness reimbursement, and life and disability insurance. Compensation typically includes competitive pay, annual bonuses, generous retirement contributions with a 401(k), and robust time off, including vacation, holidays, sick leave, bereavement, and enhanced parental leave up to 22 weeks for birth parents and 14 weeks of bonding for all new parents. Additional perks include adoption and fertility assistance, transportation benefits, backup child and elder care, and flexible hybrid or remote work options.