Incident Response Lead Analyst - Cyber Security

Locations: Canary Wharf | Munich

Who We Are

Boston Consulting Group partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. BCG was the pioneer in business strategy when it was founded in 1963. Today, we help clients with total transformation-inspiring complex change, enabling organizations to grow, building competitive advantage, and driving bottom-line impact.

To succeed, organizations must blend digital and human capabilities. Our diverse, global teams bring deep industry and functional expertise and a range of perspectives to spark change. BCG delivers solutions through leading-edge management consulting along with technology and design, corporate and digital ventures—and business purpose. We work in a uniquely collaborative model across the firm and throughout all levels of the client organization, generating results that allow our clients to thrive.

What You'll Do

Position Overview

As a Cyber Security Incident Response Manager at BCG, you will be a key member of our Cyber Security Incident Response Team (CSIRT), responsible for identifying, analyzing, and mitigating cyber threats. This role requires a proactive approach to threat hunting, cyber threat intelligence, and incident response, ensuring the protection of BCG’s global network.

You will work closely with the Security Operations Center (SOC), Security Information and Event Management (SIEM), and Managed Security Service Provider (MSSP) to enhance detection and response capabilities. Your expertise will contribute to strengthening our security posture and minimizing business risks associated with cyber threats.

What Will You Do?

• Act as a Tier 3 Incident Responder, supporting complex investigations into cyber security incidents.
• Conduct proactive threat hunting to detect and neutralize emerging threats.
• Monitor and analyze logs via SIEM, EDR, and network traffic analysis tools for potential attack indicators.
• Investigate security incidents, including malware infections, phishing attacks, and unauthorized access attempts.
• Develop and enhance incident response playbooks, ensuring alignment with evolving threats.
• Analyze threat intelligence sources to identify new attack vectors and adversary tactics.
• Provide forensic analysis and malware reverse engineering to assess security incidents.
• Collaborate with IT, Risk, and Compliance teams to ensure regulatory compliance and security best practices.
• Produce timely reports on incident trends, threat intelligence insights, and response actions.
• Lead training sessions and tabletop exercises to improve security awareness and incident response readiness.

What You Are Good At

• Strong verbal and written communication skills for stakeholder engagement and incident reporting.
• Deep knowledge of cyber-attack techniques, including phishing, malware, ransomware, lateral movement, and data exfiltration.
• Strong hands-on experience with SIEM, EDR, IDS/IPS, and forensic analysis tools.
• Expertise in threat cyber security frameworks such as MITRE ATT&CK and Cyber Kill Chains.
• Strong analytical and problem-solving skills, with an investigative mindset to identify security threats.
• Experience with malware analysis, including static and dynamic analysis techniques.
• Ability to develop and refine threat-hunting methodologies and define SIEM use cases.
• Familiarity with global cybersecurity regulations and compliance frameworks (GDPR, NIST, ISO 27001, etc.).
• Ability to work under pressure in a fast-paced, dynamic security environment.
• Experience in developing Standard Operating Procedures (SOPs), security playbooks, and technical incident documentation.

What You'll Bring

• Bachelor’s degree (or equivalent) in Cybersecurity, Computer Science, Information Security, or a related field.
• 5+ years of experience in incident response, digital forensics, threat hunting, or cyber intelligence.
• Strong technical background in cybersecurity, including hands-on experience in security monitoring, threat detection, and digital forensics.
• Certifications such as GCTI, GCIA, GCIH, CISSP, or equivalent (preferred).
• Experience working with global teams and managing security incidents across multiple regions.
• Knowledge of cloud security (AWS, Azure, GCP) and securing hybrid environments.
• Ability to liaise with internal and external security partners, vendors, and law enforcement on cyber threat matters.

Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in a manner consistent with applicable state and local laws.
BCG is an E - Verify Employer. Click here for more information on E-Verify.