Who We Are

Boston Consulting Group partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. BCG was the pioneer in business strategy when it was founded in 1963. Today, we help clients with total transformation-inspiring complex change, enabling organizations to grow, building competitive advantage, and driving bottom-line impact.

To succeed, organizations must blend digital and human capabilities. Our diverse, global teams bring deep industry and functional expertise and a range of perspectives to spark change. BCG delivers solutions through leading-edge management consulting along with technology and design, corporate and digital ventures—and business purpose. We work in a uniquely collaborative model across the firm and throughout all levels of the client organization, generating results that allow our clients to thrive.

What You'll Do

You will help reduce identity-based risk across BCG by turning identity and entitlement visibility into clear risk decisions and practical remediation actions. This is not a traditional SOC alert role—it is focused on identity intelligence, risk prioritization, and measurable risk reduction.

You will own triage for identity findings (including privileged access and non-human identities), partner with technical and business teams to resolve issues, and build repeatable playbooks that improve quality and speed over time.

• Triage identity and entitlement findings across human and non-human identities
• Classify findings using risk criticality, context, and noise reduction
• Identify drivers of identity risk, including excessive privilege and toxic combinations
• Translate graph-based identity insights into clear, plain-English risk narratives
• Recommend remediation actions such as access right-sizing and privilege restriction
• Partner with IAM, cloud security, application owners, and GRC to drive closure
• Track remediation through completion and validate measurable risk reduction
• Build and maintain playbooks, escalation criteria, and severity thresholds

What You'll Bring

• 3+ years of experience in IAM, identity governance, or cloud security analytics
• Strong knowledge of privileged access models and entitlement risk patterns
• Ability to analyze complex access relationships and explain risk clearly
• Experience turning findings into practical remediation guidance and outcomes
• Comfort collaborating across technical and business stakeholders globally
• Familiarity with identity platforms such as Entra ID, AD, or Okta preferred
• Exposure to AWS, Azure, or GCP identity and access concepts preferred

Who You'll Work With

You will work closely with colleagues in security operations, IAM, cloud security, and governance, risk, and compliance. You will partner with application owners and platform teams globally to validate context, align on remediation actions, and track outcomes.

Additional info

Please confirm all local HR and legal policy language (including in-office expectations, hiring practices, and any applicable pay transparency requirements) before posting.

Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in a manner consistent with applicable state and local laws.
BCG is an E - Verify Employer. Click here for more information on E-Verify.