Global Delivery Director - Secure Data

Locations : Boston London

Who We Are

Boston Consulting Group partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. BCG was the pioneer in business strategy when it was founded in 1963. Today, we help clients with total transformation-inspiring complex change, enabling organizations to grow, building competitive advantage, and driving bottom-line impact.

To succeed, organizations must blend digital and human capabilities. Our diverse, global teams bring deep industry and functional expertise and a range of perspectives to spark change. BCG delivers solutions through leading-edge management consulting along with technology and design, corporate and digital ventures-and business purpose. We work in a uniquely collaborative model across the firm and throughout all levels of the client organization, generating results that allow our clients to thrive.

What You'll Do

The Global Delivery Director - Secure Data is a critical leadership role that enables the secure foundation of BCG's digital operations globally. By driving scalable, automated, and user-focused security engineering-and by embedding security into modern engineering and operational practices-this role ensures BCG can innovate securely while maintaining trust, compliance, and operational excellence.

The Global Delivery Director - Secure Data is responsible for leading the design, delivery, and continuous evolution of BCG's data security strategy and controls. This role ensures that BCG's most sensitive data is protected globally through secure-by-design engineering, automation at scale, and resilient security platforms. The Director will drive strategic planning, execution, and operations of scalable, automated, and resilient security solutions that safeguard BCG's global operations and users, while enabling innovation and agility across BCG Core, BCG X, and CT worldwide. This role is accountable for embedding security within DevSecOps practices, applying Site Reliability Engineering (SRE) principles across all security services, and aligning with privacy, compliance, and business leaders to maintain trust and regulatory compliance.

Key Responsibilities:

• Strategic Leadership & Transformation:
  • Define and execute a unified security engineering strategy that addresses data protection across all environments and data lifecycle stages.
  • Lead the design and implementation of scalable, automated solutions that integrate seamlessly into enterprise platforms and user experiences.
  • Establish a global security architecture and engineering roadmap focused on prevention, detection, and rapid response.
  • Drive continuous improvement of security posture while aligning with business needs, regulatory requirements, and user experience expectations.
  • Champion DevSecOps practices to embed security early into development and delivery workflows.
• Data Security Engineering:
  • Build and operate scalable data protection solutions, including data loss prevention (DLP), secrets management, encryption, and classification.
  • Collaborate with the IAM team to align authentication, authorization, and privileged access policies with data security controls.
  • Deliver security capabilities that support modern work scenarios, remote access, zero-trust networking, and protection of sensitive data in AI/ML workloads.
  • Leverage automation frameworks and IaC to improve scalability and reduce manual intervention.
• Operational Security, SRE & Assurance:
  • Ensure security platforms are resilient, continuously monitored, and designed for 24x7 support and incident response readiness.
  • Embed security telemetry and observability to enable proactive threat detection and automated response.
  • Apply SRE principles to improve reliability, performance, and maintainability of security services.
  • Define service level objectives (SLOs) and key performance indicators (KPIs) for all security services.
• Compliance, Governance & Risk Management:
  • Ensure alignment with global compliance requirements such as ISO 27001, NIST, SOC 2, GDPR, and others.
  • Partner with governance, legal, and ISRM teams to implement enforceable policies and standards across identity, endpoint, and data domains.
  • Implement automated compliance controls and continuous assurance checks.
  • Lead risk mitigation efforts with technical solutions that scale across diverse user and system profiles.
• Financial & Vendor Management:
  • Manage security platform budgets and investments with a focus on cost optimization and long-term value.
  • Evaluate and manage third-party vendors and partners, ensuring they meet technical, contractual, and security expectations.
  • Lead procurement and renewal cycles in alignment with operational and architectural strategies.
• Leadership & Talent Development:
  • Build and mentor a global team of security engineers, fostering a high-performance, collaborative, and forward-thinking culture.
  • Drive internal knowledge sharing and upskilling programs across the team.
  • Collaborate cross-functionally with platform, product, and enterprise architecture teams to embed security early and often.

What You'll Bring

Required Qualifications:

• 10+ years of experience in cybersecurity, security engineering, or platform security roles.
• 5+ years in a senior leadership position with accountability for enterprise-scale security platforms.
• Deep expertise in data protection technologies, with proven ability to design and scale global solutions.
• Experience with security engineering in hybrid and cloud-native environments (AWS, Azure, GCP).
• Proven track record in automating security controls, implementing zero-trust models, and supporting 24x7 security operations.
• Strong understanding of compliance frameworks and risk management strategies.
• Demonstrated ability to present complex security topics to executive leadership.

Preferred Qualifications:

• Certifications such as CISSP, CCSP, CISM, AWS/Azure Security Specialty, or equivalent.
• Experience with tools like Symantec DLP, Zscaler CASB, MS Purview, Palo Alto Prisma, Hashi Vault and other modern security platforms.
• Familiarity with DevSecOps principles, Infrastructure as Code, and secure software development practices.

Who You'll Work With

Work Environment & Additional Information:

• Hybrid or on-site work model.
• Occasional travel may be required for business, vendor, or team engagement.
• Ability to operate in a fast-paced, complex environment, balancing long-term strategy with operational agility.

Additional info

For US locations only

In the US, we have a compensation transparency approach.

Total compensation for this role includes base salary, annual discretionary performance bonus, retirement contribution, and a market leading benefits package described below.

• The base salary range for this role in Boston is $181,000.00 - $221,000.00

This is an estimated range, however, specific base salaries within the range depend on various factors such as experience and skill set. It is not common for new BCG employees to be hired at the high-end of the salary range. BCG regularly reviews its ranges to ensure market competitiveness.

In addition to your base salary, your total compensation will include a bonus of up to 30% and a generous retirement contribution that starts at 5% and moves to 10% after 2 years.

All of our plans provide best in class coverage:

• Zero dollar ($0) health insurance premiums for BCG employees, spouses, and children

• Low $10 (USD) copays for trips to the doctor, urgent care visits and prescriptions for generic drugs

• Dental coverage, including up to $5,000 in orthodontia benefits

• Vision insurance with coverage for both glasses and contact lenses annually

• Reimbursement for gym memberships and other fitness activities

• Fully vested Profit Sharing Retirement Fund contributions made annually, whether you contribute or not, plus the option for employees to make personal contributions to a 401(k) plan

• Paid Parental Leave and other family benefits such as elective egg freezing, surrogacy, and adoption reimbursement

• Generous paid time off including 12 holidays per year, an annual office closure between Christmas and New Years, and 15 vacation days per year (earned at 1.25 days per month)

• Paid sick time on an as needed basis

Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in a manner consistent with applicable state and local laws.
BCG is an E - Verify Employer. Click here for more information on E-Verify.