Skip to main contentA logo with &quat;the muse&quat; in dark blue text.
McKinsey

Senior Manager – Assurance and Cyber Risk

Qualifications

  • 10 years of experience in a leadership role in combination of risk management, security and/or IT; 4-5 years of IS related business experience in a professional services environment (Big 4 preferred)
  • Professional certification, such as a CISSP or CISM or other comparable information security credentials
  • Hands on experience of technical security concepts including authentication, authorization, data security, application security, cloud services and data governance
  • Experience with the following industry/regulatory requirements and frameworks: ISO27001/2, COBIT, SOC2, SOX, NIST 800-53, NIST CSF
  • Experience in partnering with IT teams from different disciplines in a combined effort to achieve project success
  • Experience with privacy regulations such as GDPR is strongly preferred
  • Comfortable in a fast-paced environment and simultaneously working on multiple projects/streams of work
  • Excellent interpersonal and collaborative skills; ability to articulate and present information to all levels of management
  • Excellent written and oral communication skills to both a technical and non-technical audience

Want more jobs like this?

Get jobs delivered to your inbox every week.

By signing up, you agree to our Terms of Service & Privacy Policy.

Who You'll Work With

You will be based at our North American Knowledge Center (NAKC) in Waltham, MA. You will work to identify levels of risk and develop appropriate risk treatment plans in line with the overall firm cyber strategy. You'll work directly with the key functional areas (Information Security, Risk Management, Legal, Compliance & Client Facing Teams) to ensure engagement and collaboration regarding solution development, implementation, execution, and calibration.

What You'll Do

You will lead the overall development of an assurance program to evaluate, measure, and manage risks across McKinsey.

In this role you will provide information security leadership in the design, development and implementation of the cyber risk management program, including: developing a risk management framework for assessing cyber risk across varying solution cells, designing an assurance program to gather and report on metrics, advising on policies and procedures and influencing the strategic direction for McKinsey as a whole.

You will be responsible for developing the Cyber Risk Assurance Program, which includes reaching consensus with the Information Security and Risk teams on the core components of risk management and compliance that will form the basis of the global program. You will partner and collaborate with internal teams to facilitate the development of a standard risk management program that allows us to evaluate the effectiveness of information security programs with respect to meeting the firm's and our clients' standards for data security. You'll develop, maintain, communicate and provide guidance firm security policies and standards, manage the policy exception process and facilitate appropriate resource allocation and increase the maturity of the security program.

You'll liaise with external agencies and other advisory bodies to ensure that the organization maintains a strong security posture and privacy program. You will help lead data governance efforts including data inventory, classification and implementation of security controls in support of privacy (GDPR) and security compliance. You'll provide subject matter expertise to executive management on a broad range of information security standards and leading achievable practices, such as ISO and NIST CSF. You will liaise with external agencies and other advisory bodies to ensure that security programs are in compliance with applicable laws, regulations and policies.

You will also develop relevant metrics to measure the efficiency and effectiveness of the programs, facilitate appropriate resource allocation and enhance the maturity of the security and compliance program.

Job ID: 6e9675fb17e6f7e07b1644784e1a8186
Employment Type: Other

This job is no longer available.

Search all jobs