Analysis Group
Senior Information Security Engineer
Analysis Group is one of the largest international economics consulting firms, with more than 1,500 professionals across 15 offices in North America, Europe, and Asia. Since 1981, we have provided expertise in economics, finance, health care analytics, and strategy to top law firms, Fortune Global 500 companies, and government agencies worldwide. Our internal experts, together with our network of affiliated experts from academia, industry, and government, offer our clients exceptional breadth and depth of expertise. The Senior Information Security Engineer will serve as a trusted security leader and subject matter expert, partnering closely with the Information Security Manager to advance the firm's cybersecurity strategy, architecture, and operations. This role will take ownership of critical security initiatives, lead the design and enhancement of security programs, and guide cross-functional teams in implementing secure, resilient, and compliant solutions. The Senior Information Security Engineer will be responsible for architecting and managing enterprise security tools, leading incident response efforts, ensuring robust cloud security, and proactively addressing emerging threats. This position requires a deep understanding of both the firm's business objectives and the evolving cybersecurity landscape, ensuring that security solutions are business-enabling, scalable, and aligned with industry best practices. Essential Job Functions And Responsibilities: Architect and oversee enterprise identity governance initiatives and the Privileged Access Management (PAM) platform. Serve as a principal advisor to IT and business leaders on balancing business needs with security best practices. Lead advanced incident response activities. Lead the design, implementation, and optimization of Data Loss Prevention (DLP) solutions. Define and enforce robust cloud security strategies. Drive the maturity of the identity and access management program. Provide senior-level oversight of information security tools. Represent Information Security in enterprise architecture and technical project reviews. Lead investigations into phishing campaigns, targeted threats, and complex security incidents. Conduct continuous threat landscape assessments. Participate in the vulnerability management lifecycle. Guide the ongoing development of the Information Security Management System (ISMS). Mentor and coach junior security engineers. Partner with business stakeholders to elevate security training. Establish and refine advanced technical security controls. Participate in rotational on-call responsibilities. Qualifications: Bachelor's degree required; degree in Information Systems Security, Computer Science, or related field preferred. Industry-recognized certifications strongly preferred. Minimum of 5 years of substantive relevant experience required. An ideal candidate will have 7-10 years of progressive cybersecurity experience. Proven track record designing, implementing, and managing enterprise security architectures. Advanced expertise in identity governance, privileged access management, cloud security controls, and incident response. Experience with data security engineering and data loss prevention solutions. Deep understanding of enterprise IT systems, networking, and application architecture. Exceptional communication, documentation, and stakeholder engagement skills. Strong project leadership skills. Demonstrated experience mentoring and developing technical talent. Strategic thinker with a results-driven mindset. An inclusive and growth-oriented mindset. To the extent permitted by applicable law, eligible candidates must be authorized to work in the United States without sponsorship or restriction.
Analysis Group is one of the largest international economics consulting firms, with more than 1,500 professionals across 15 offices in North America, Europe, and Asia. Since 1981, we have provided expertise in economics, finance, health care analytics, and strategy to top law firms, Fortune Global 500 companies, and government agencies worldwide. Our internal experts, together with our network of affiliated experts from academia, industry, and government, offer our clients exceptional breadth and depth of expertise. The Senior Information Security Engineer will serve as a trusted security leader and subject matter expert, partnering closely with the Information Security Manager to advance the firm's cybersecurity strategy, architecture, and operations. This role will take ownership of critical security initiatives, lead the design and enhancement of security programs, and guide cross-functional teams in implementing secure, resilient, and compliant solutions. The Senior Information Security Engineer will be responsible for architecting and managing enterprise security tools, leading incident response efforts, ensuring robust cloud security, and proactively addressing emerging threats. This position requires a deep understanding of both the firm's business objectives and the evolving cybersecurity landscape, ensuring that security solutions are business-enabling, scalable, and aligned with industry best practices. Essential Job Functions And Responsibilities: Architect and oversee enterprise identity governance initiatives and the Privileged Access Management (PAM) platform. Serve as a principal advisor to IT and business leaders on balancing business needs with security best practices. Lead advanced incident response activities. Lead the design, implementation, and optimization of Data Loss Prevention (DLP) solutions. Define and enforce robust cloud security strategies. Drive the maturity of the identity and access management program. Provide senior-level oversight of information security tools. Represent Information Security in enterprise architecture and technical project reviews. Lead investigations into phishing campaigns, targeted threats, and complex security incidents. Conduct continuous threat landscape assessments. Participate in the vulnerability management lifecycle. Guide the ongoing development of the Information Security Management System (ISMS). Mentor and coach junior security engineers. Partner with business stakeholders to elevate security training. Establish and refine advanced technical security controls. Participate in rotational on-call responsibilities. Qualifications: Bachelor's degree required; degree in Information Systems Security, Computer Science, or related field preferred. Industry-recognized certifications strongly preferred. Minimum of 5 years of substantive relevant experience required. An ideal candidate will have 7-10 years of progressive cybersecurity experience. Proven track record designing, implementing, and managing enterprise security architectures. Advanced expertise in identity governance, privileged access management, cloud security controls, and incident response. Experience with data security engineering and data loss prevention solutions. Deep understanding of enterprise IT systems, networking, and application architecture. Exceptional communication, documentation, and stakeholder engagement skills. Strong project leadership skills. Demonstrated experience mentoring and developing technical talent. Strategic thinker with a results-driven mindset. An inclusive and growth-oriented mindset. To the extent permitted by applicable law, eligible candidates must be authorized to work in the United States without sponsorship or restriction.