Who We Are

Boston Consulting Group partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. BCG was the pioneer in business strategy when it was founded in 1963. Today, we help clients with total transformation-inspiring complex change, enabling organizations to grow, building competitive advantage, and driving bottom-line impact.

To succeed, organizations must blend digital and human capabilities. Our diverse, global teams bring deep industry and functional expertise and a range of perspectives to spark change. BCG delivers solutions through leading-edge management consulting along with technology and design, corporate and digital ventures—and business purpose. We work in a uniquely collaborative model across the firm and throughout all levels of the client organization, generating results that allow our clients to thrive.

What You'll Do

As a Senior Analyst – Cyber Security Incident Response (CS3) at BCG, you will be a key operational member of the Cyber Security Incident Response Team (CSIRT), responsible for executing cyber security investigations and supporting incident response activities across BCG’s global environment.

This role focuses on consistent, high-quality execution of incident response and investigation tasks, including detection, triage, analysis, containment, and documentation. You will work within established processes and frameworks while contributing to their continuous improvement.

You will collaborate closely with the Security Operations Center (SOC), IT, Risk, and other global stakeholders to ensure timely and effective response to cyber threats. This position requires strong analytical capability, attention to detail, and the ability to operate reliably in a fast-paced, high-accountability environment.

What Will You Do?

• Investigate and respond to cyber security incidents, including phishing, malware, unauthorized access, and suspicious activity.
• Perform structured triage, analysis, and containment actions in alignment with CSIRT procedures.
• Monitor and analyze alerts from SIEM, EDR, and other security tools.
• Conduct log analysis across endpoints, network, and cloud environments to identify indicators of compromise.
• Document investigations clearly & accurately, ensuring all actions and findings are consistently recorded.
• Support incident response activities across time zones, including shift handoffs and coordination.
• Contribute to continuous improvement of response processes and post-incident reviews.
• Follow and apply frameworks such as MITRE ATT&CK, SANS incident handling, and internal playbooks.
• Escalate issues appropriately and provide relevant context for decision-making.
• Identify patterns, trends, and recurring issues, and share insights with the team.
• Support development and refinement of standard operating procedures (SOPs) and playbooks.
  
  

What You Are Good At

• Conducting structured and methodical investigations with strong attention to detail
• Analyzing logs, alerts, and telemetry to identify root cause and scope of incidents
• Following defined processes while adapting to evolving situations
• Producing clear, concise, and well-structured documentation
• Communicating effectively with both technical and non-technical stakeholders
• Managing multiple tasks and priorities with reliability and consistency
• Working collaboratively across globally distributed teams
• Demonstrating accountability and ownership of assigned work
  
  

What You'll Bring

• Bachelor’s degree (or equivalent) in Cybersecurity, Computer Science, Information Security, or related field
• Minimum 3–5 years of professional experience, with at least 2+ years in cyber security or security operations
  
  

Hands-on Experience In

Incident response or SOC operations

SIEM platforms (e.g., Splunk or similar)

EDR tools (e.g., CrowdStrike, Microsoft Defender, or similar)

Log analysis and investigation

Familiarity With

MITRE ATT&CK framework

NIST Cybersecurity Framework

Basic regulatory concepts (e.g., GDPR)

• Experience working in a global or distributed team environment
• Strong written and verbal communication skills in English
• Security certifications (e.g., Security+, CEH, GCIH, or equivalent) are a plus
  
  

Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in a manner consistent with applicable state and local laws.

BCG is an E - Verify Employer. Click here for more information on E-Verify.