Cybersecurity Manager - AI Architecture

Cybersecurity Manager - AI Architecture at Boston Consulting Group (BCG)

Boston Consulting Group partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. BCG was the pioneer in business strategy when it was founded in 1963. Today, we help clients with total transformation-inspiring complex change, enabling organizations to grow, building competitive advantage, and driving bottom-line impact.

To succeed, organizations must blend digital and human capabilities. Our diverse, global teams bring deep industry and functional expertise and a range of perspectives to spark change. BCG delivers solutions through leading-edge management consulting along with technology and design, corporate and digital ventures—and business purpose. We work in a uniquely collaborative model across the firm and throughout all levels of the client organization, generating results that allow our clients to thrive.

What You'll Do

We are seeking a highly skilled and technically hands-on Cybersecurity Manager – AI Architecture to lead the secure design and engineering assurance of AI/ML systems across the enterprise.

This role operates as a technical leader and partnering with multiple teams across business units—including data science, ML engineering, cloud/platform engineering, application development, security operations, and risk/compliance—to embed secure-by-design principles into AI systems.

The ideal candidate brings a strong engineering foundation and thrives on hands-on technical execution, architectural ownership, and cross-functional collaboration. They combine deep technical expertise with the ability to influence stakeholders and enable secure, scalable AI adoption across the enterprise.

Key Responsibilities

• Lead the design and implementation of secure AI/ML architecture frameworks aligned with zero-trust principles.
• Develop enterprise security standards and reference architectures for LLMs, generative AI platforms, and ML pipelines.
• Conduct AI-specific threat modeling (model poisoning, adversarial attacks, prompt injection, data leakage, model inversion, supply chain risk).
• Embed security controls into AI CI/CD pipelines, MLOps workflows, and DevSecOps processes across business units.
• Ensure secure handling of training data, fine-tuning datasets, model artifacts, and embeddings through encryption and access governance.
• Secure AI workloads in cloud and hybrid environments (AWS, Azure, GCP), including containerized and Kubernetes-based deployments.
• Integrate AI systems with enterprise identity and access management, cloud security posture controls, application security scanning, runtime monitoring, and vulnerability management platforms.
• Define AI-specific logging, telemetry, detection strategies, and incident response readiness.
• Provide hands-on architectural guidance and code-level review when required.

What You'll Bring

Required Qualifications

• Bachelor’s or Master’s degree in Computer Science, Engineering, Cybersecurity, or related technical field.
• Strong experience in cybersecurity with demonstrated exposure to AI/ML, cloud, or application security.
• 5+ years of hands-on engineering experience (software engineering, cloud engineering/SRE, systems architecture, ML engineering, or DevOps).
• Strong understanding of AI/ML architectures and MLOps frameworks.
• Experience with threat modeling methodologies.
• Proficiency in Python and secure coding practices.
• Experience working within enterprise environments that include identity management, cloud posture controls, application security scanning, runtime monitoring, and vulnerability management tools.
• Experience securing cloud-native platforms and containerized workloads.

Preferred Qualifications

• A technical manager and enterprise security architect.
• Experience implementing NIST AI Risk Management Framework.
• Knowledge of AI governance and emerging AI regulatory compliance requirements.
• Experience with model monitoring, drift detection, AI observability, or adversarial ML testing.
• Hands-on experience with Kubernetes security, Infrastructure-as-Code security, and CI/CD security automation.
• Experience driving cross-business-unit security initiatives.

Key skills/competency

• AI Security
• ML Security
• Threat Modeling
• DevSecOps
• Cloud Security (AWS, Azure, GCP)
• Zero-Trust Principles
• Kubernetes Security
• Python Secure Coding
• Identity & Access Management
• Incident Response