Security Manager I

Who You&aposll Work With

You are someone who thrives in a high-performance environment, bringing a growth mindset and entrepreneurial spirit to tackle meaningful challenges that have a real impact.

In return for your drive, determination, and curiosity, we'll provide the resources, mentorship, and opportunities to help you quickly broaden your expertise, grow into a well-rounded professional, and contribute to work that truly makes a difference.

When you join us, you will have :

• Continuous learning : Our learning and apprenticeship culture, backed by structured programs, is all about helping you grow while creating an environment where feedback is clear, actionable, and focused on your development. The real magic happens when you take the input from others to heart and embrace the fast-paced learning experience, owning your journey.
• A voice that matters : From day one, we value your ideas and contributions. You'll make a tangible impact by offering innovative ideas and practical solutions. We not only encourage diverse perspectives, but they are critical in driving us toward the best possible outcomes.
• Global community : With colleagues across 65+ countries and over 100 different nationalities, our firm's diversity fuels creativity and helps us come up with the best solutions. Plus, you'll have the opportunity to learn from exceptional colleagues with diverse backgrounds and experiences.
• Exceptional benefits : On top of a competitive salary (based on your location, experience, and skills), we provide a comprehensive benefits package to enable holistic well-being for you and your family.

Your Impact

As a Security Manager for McKinsey's GM&S practice, you will contribute to practice product and cloud security across AWS or Azure by supporting the implementation of the firm&aposs security standards in alignment with the strategic business plan.

You will assist in embedding "Shift Left" strategies, tools, and processes across the software development lifecycle. Additionally, you will work closely with CSTs to ensure cybersecurity considerations are integrated throughout the engagement delivery lifecycle, including infrastructure and tooling decisions, secure product development, and the processing and deletion of client data.

You will be assisting in Client Engagements, collaborating with the team to provide cybersecurity assurance during client interactions, including responding to security questionnaires, participating in workshops, and supporting due diligence processes. You will be supporting Compliance Efforts by helping implement and manage independent third-party attestations of industry cybersecurity standards and certifications, such as ISO 27001 and SOC 2, for practice-specific solutions and products. You will act as a point of contact for the Security Operations Center (SOC), Threat Intelligence, and Crisis Response Teams regarding practice-related cybersecurity incidents.

You will assist in ensuring timely identification, remediation, and documentation of lessons learned. You will contribute to the preparation of practice-level cybersecurity reports, metrics, and forecasts for practice and firm leadership. You will assist in implementing firm-wide cybersecurity, data protection, and privacy policies, standards, and processes within the practice. Additionally, you will support proactive risk management efforts and the establishment of cybersecurity controls to enhance the security posture of asset development and engagement delivery.

Your Qualifications and Skills

Show more

Show less

Skills Required

Databases, Gdpr, Networking, Operating Systems, Ips, Firewalls, Web Applications, DevSecOps, Iso 27001, Iam, containerization , Ids, Siem, Databricks, Azure, Aws