Cyber Security Manager - Incident Response

Locations: Canary Wharf Munich

Who We Are

The Boston Consulting Group (BCG) is a general management consulting firm, widely regarded as a global leader in business strategy consulting. The firm has built its worldwide practice on intellectual leadership and has helped change the way many corporations' approaches, and engage in, competition. Many of BCG's strategic concepts are taught at leading business schools and executive education programs around the world.

BCG is a privately owned firm with over 80 offices in more than 40 countries. BCG's Global Functions provide professional management services to the firm, including the central operations of finance, information technology, marketing, risk, legal, operations and human resources.

What You'll Do

As a Cyber Security Incident Response Manager at BCG, you will be a key member of our Cyber Security Incident Response Team (CSIRT), responsible for identifying, analyzing, and mitigating cyber threats. This role requires a proactive approach to threat hunting, cyber threat intelligence, and incident response, ensuring the protection of BCG's global network.

You will work closely with the Security Operations Center (SOC), Security Information and Event Management (SIEM), and Managed Security Service Provider (MSSP) to enhance detection and response capabilities. Your expertise will contribute to strengthening our security posture and minimizing business risks associated with cyber threats.

• Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents.
• Conduct proactive threat hunting to detect and neutralize emerging threats.
• Monitor and analyze logs via SIEM, EDR, and network traffic analysis tools for potential attack indicators.
• Investigate security incidents, including malware infections, phishing attacks, and unauthorized access attempts.
• Develop and enhance incident response playbooks, ensuring alignment with evolving threats.
• Analyze threat intelligence sources to identify new attack vectors and adversary tactics.
• Provide forensic analysis and malware reverse engineering to assess security incidents.
• Collaborate with IT, Risk, and Compliance teams to ensure regulatory compliance and security best practices.
• Produce timely reports on incident trends, threat intelligence insights, and response actions.
• Patriciate in training sessions and tabletop exercises to improve security awareness and incident response readiness.

YOU ARE GOOD AT

• Strong verbal and written communication skills for stakeholder engagement and incident reporting.
• Deep knowledge of cyber–attack techniques, including phishing, malware, ransomware, lateral movement, and data exfiltration.
• Strong hands–on experience with SIEM, EDR, IDS/IPS, and forensic analysis tools.
• Expertise in threat cyber security frameworks such as MITRE ATT&CK and Cyber Kill Chains.
• Strong analytical and problem–solving skills, with an investigative mindset to identify security threats.
• Experience with malware analysis, including static and dynamic analysis techniques.
• Ability to develop and refine threat–hunting methodologies and define SIEM use cases.
• Familiarity with global cybersecurity regulations and compliance frameworks (GDPR, NIST, ISO 27001, etc.).
• Ability to work under pressure in a fast–paced, dynamic security environment.
• Experience in developing Standard Operating Procedures (SOPs), security playbooks, and technical incident documentation.

What You'll Bring

• Bachelor's degree (or equivalent) in Cybersecurity, Computer Science, Information Security, or a related field.
• 5+ years of experience in incident response, digital forensics, threat hunting, or cyber intelligence.
• Strong technical background in cybersecurity, including hands–on experience in security monitoring, threat detection, and digital forensics.
• Certifications such as GCTI, GCIA, GCIH, CISSP, or equivalent (preferred).
• Experience working with global teams and managing security incidents across multiple regions.
• Knowledge of cloud security (AWS, Azure, GCP) and securing hybrid environments.
• Ability to liaise with internal and external security partners, vendors, and law enforcement on cyber threat matters.

Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in a manner consistent with applicable state and local laws.
BCG is an E – Verify Employer. Click here for more information on E–Verify.