Global Cybersecurity Senior Analyst
About The Position
As a Senior Analyst – Cyber Security Incident Response (CS3) at BCG, you will be a key operational member of the Cyber Security Incident Response Team (CSIRT), responsible for executing cyber security investigations and supporting incident response activities across BCG’s global environment. This role focuses on consistent, high-quality execution of incident response and investigation tasks, including detection, triage, analysis, containment, and documentation. You will work within established processes and frameworks while contributing to their continuous improvement. You will collaborate closely with the Security Operations Center (SOC), IT, Risk, and other global stakeholders to ensure timely and effective response to cyber threats. This position requires strong analytical capability, attention to detail, and the ability to operate reliably in a fast-paced, high-accountability environment.
Requirements
- Bachelor’s degree (or equivalent) in Cybersecurity, Computer Science, Information Security, or related field
- Minimum 3–5 years of professional experience, with at least 2+ years in cyber security or security operations
- Hands-on experience in: Incident response or SOC operations SIEM platforms (e.g., Splunk or similar) EDR tools (e.g., CrowdStrike, Microsoft Defender, or similar) Log analysis and investigation
- Familiarity with: MITRE ATT&CK framework NIST Cybersecurity Framework Basic regulatory concepts (e.g., GDPR)
- Experience working in a global or distributed team environment
- Strong written and verbal communication skills in English
- Conducting structured and methodical investigations with strong attention to detail
- Analyzing logs, alerts, and telemetry to identify root cause and scope of incidents
- Following defined processes while adapting to evolving situations
- Producing clear, concise, and well-structured documentation
- Communicating effectively with both technical and non-technical stakeholders
- Managing multiple tasks and priorities with reliability and consistency
- Working collaboratively across globally distributed teams
- Demonstrating accountability and ownership of assigned work
Nice To Haves
- Security certifications (e.g., Security+, CEH, GCIH, or equivalent) are a plus
Responsibilities
- Investigate and respond to cyber security incidents, including phishing, malware, unauthorized access, and suspicious activity.
- Perform structured triage, analysis, and containment actions in alignment with CSIRT procedures.
- Monitor and analyze alerts from SIEM, EDR, and other security tools.
- Conduct log analysis across endpoints, network, and cloud environments to identify indicators of compromise.
- Document investigations clearly & accurately, ensuring all actions and findings are consistently recorded.
- Support incident response activities across time zones, including shift handoffs and coordination.
- Contribute to continuous improvement of response processes and post-incident reviews.
- Follow and apply frameworks such as MITRE ATT&CK, SANS incident handling, and internal playbooks.
- Escalate issues appropriately and provide relevant context for decision-making.
- Identify patterns, trends, and recurring issues, and share insights with the team.
- Support development and refinement of standard operating procedures (SOPs) and playbooks.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
