New

Senior Security Manager II

McKinsey & Company
parental leave, paid time off
United States, Georgia, Atlanta
Apr 07, 2025
Technology & Digital Senior Security Manager II Job ID: 96790 Do you want to work on complex and pressing challenges-the kind that bring together curious, ambitious, and determined leaders who strive to become better every day? If this sounds like you, you've come to the right place. Your Impact As Senior Security Manager II, you will lead practice product and cloud security across AWS or Azure or GCP, including planning and implementation of the Firm's security standards in support of the strategic business plan, implement Shift left strategies, tooling and processes across software development life cycle, and provide direct support to CSTs to ensure cybersecurity is addressed throughout the engagement delivery lifecycle, from infrastructure and tooling choices to the secure development of products, processing and deletion of client data. You will also help win client business by providing cybersecurity assurance to Practice-specific RFIs, RFPs, proposals, contract drafting, security questionnaires, workshops and other client due diligence processes. This involves implementing and managing the ongoing independent third party attestations of industry cybersecurity standards and certifications, such as ISO 27001, SOC 2 for Practice-specific solutions and products. Lastly, you will act as a single point of contact and escalation for the SOC, Threat Intel and Crisis Response Teams for Practice related cybersecurity incidents, ensuring timely identification, remediation and lessons learned, while providing Practice-level cybersecurity reporting, metrics and forecasting to Practice and Firm Leadership. Your Growth The Senior Security Manager acts as the interface between Firm-wide Cybersecurity Leadership and the Practice, driving the implementation of Firm-wide strategy - and, in turn, ensuring client and Practice requirements are fed back into the continual improvement of Firm-wide strategy. Day-to-day the Senior Security Manager drives the implementation of Firm cybersecurity, data protection, and privacy policies, standards and processes within the Practice. They work to continually improve the security posture of asset development and engagement delivery through proactive risk management and the establishment of a broad range of cybersecurity controls. The role will proactively work on initiatives around Platform McKinsey and have an exposure to our firms CTO and the team. Your qualifications and skills Knowledge of Secure Software Development Lifecycle and DevSecOps 8+ years of experience in information security management, IT security and data protection Technical understanding of a range of enterprise IT and cloud-based architectures and technologies (AWS, Azure, GCP), networking, server infrastructure, operating systems, web applications, databases, containerisation, mobile Working knowledge of common information security controls, guidelines and standards, such as ISO27001, OWASP, SOC 2, NIST Experience of conducting risk assessments threat modeling and information security reviews, and audits Experience with security technologies and tooling, e.g. vulnerability scanners, firewalls, network monitors, IAM, SIEM, IDS/IPS Excellent problem solving, organisational skills, and attention to detail Strong written and verbal communication with the ability to converse effectively at all levels of seniority, both internally and externally Strong analytical and organisational skills and the ability to work independently, as well as part of a wider team, with minimal supervision Please review the additional requirements regarding essential job functions of McKinsey colleagues. Apply Now Apply Later FOR U.S. APPLICANTS: McKinsey & Company is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by applicable law. Certain US jurisdictions require McKinsey & Company to include a reasonable estimate of the salary for this role. For new joiners for this role in the United States, including all office locations where the job may be performed, a reasonable estimated range is $243,500 - $247,300 USD -to help you understand what you can expect. This reflects our best estimate of the lowest to highest [salary/hourly wages] for this role at the time of this posting, ensuring you have a clear picture right from the start, though it's important to remember that actual salaries may vary. Factors like your office location, your unique blend of experience and skills, start date and our current organizational needs all play a part in determining the final figure. Certain roles are also eligible for bonuses, subject to McKinsey's discretion and based on factors such as individual and/or organizational performance. Additionally, we provide a comprehensive benefits package that reflects our commitment to the wellness of our colleagues and their families. This includes medical, mental health, dental and vision coverage, telemedicine services, life, accident and disability insurance, parental leave and family planning benefits, caregiving resources, a generous retirement contributions program, financial guidance, and paid time off. FOR NON-U.S. APPLICANTS: McKinsey & Company is an Equal Opportunity employer. For additional details regarding our global EEO policy and diversity initiatives, please visit our McKinsey Careers and Diversity & Inclusion sites. Job Skill Group - N/A Job Skill Code - ISGB - Senior Security Manager II Function - Technology Industry - High Tech Post to LinkedIn - Yes Posted to LinkedIn Date - Wed Apr 02 00:00:00 GMT 2025 LinkedIn Posting City - Atlanta LinkedIn Posting State/Province - Georgia LinkedIn Posting Country - United States LinkedIn Job Title - Senior Security Manager II LinkedIn Function - Information Technology LinkedIn Industry - Information Technology and Services LinkedIn Seniority Level - Mid-Senior level