Explore Career Opportunities with GSV’s world-class partners

Powered By

Nu Advisory Partners

\n","datePosted":"2023-08-31T13:40:31.653Z","validThrough":"2023-12-22","employmentType":[],"hiringOrganization":{"@type":"Organization","name":"McKinsey & Company","description":"McKinsey & Company is a global management consulting firm, the trusted advisor to the world's leading businesses, governments, and institutions. McKinsey & Company provides solutions for issues of concern to senior management in large corporations and organizations. It provides advisory services to the world's leading businesses, governments, and institutions. It also provides industry practice solutions and functional practice solutions. Its industry practice solutions include advanced electronics, chemicals, metal and mining, electrical power, consumer goods, and more. Its functional practice solutions include business technology, corporate finance and sales, operations, and other related areas. McKinsey & Company was established in 1926 and is based in London, United Kingdom. It operates additional offices on each continent. When James O. McKinsey founded McKinsey in 1926, he could not have imagined the reach his small firm would eventually have. Eighty-seven years later, the firm has grown into a global partnership serving two-thirds of the Fortune 1000.","numberOfEmployees":41,"address":[{"address":{"@type":"PostalAddress","addressLocality":"San Francisco, CA, USA"}}],"sameAs":"https://mckinsey.com","url":"https://mckinsey.com","logo":"https://cdn.getro.com/companies/e20b4f25-1e5b-56f8-8e43-67e685f4fec7","memberOf":{"@type":"Organization","name":"ASU+GSV Summit","description":"The ASU+GSV Summit is the Knowledge Economy's Mecca of conversation and activism devoted to accelerating learning innovation around the world. Register now for the 2015 ASU+GSV Summit, taking place April 6-8, 2015 at The Phoenician Resort in Scottsdale, AZ.","logo":"https://cdn.filepicker.io/api/file/KUfbP0MnQeKG0E3XUhKo","url":"jobs.asugsvsummit.com"},"keywords":"Finance, Professional Services"},"jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"San Jose, CA, USA"}}}

Cyber & Data Compliance Analyst

McKinsey & Company

McKinsey & Company

IT, Legal
San Jose, CA, USA
Posted on Thursday, August 31, 2023
Risk & Compliance

Cyber & Data Compliance Analyst

  • San Jose

Who You'll Work With

You’ll work as a core member of a team that is globally distributed across Costa Rica, Prague, Canada and various offices in the United States. You’ll be part of our Cyber & Data Risk & Compliance team in Costa Rica. You will work with the team to ensure policy compliance, manage risks, and drive collaboration for cyber priorities.

What You'll Do

You will work as part of the firm’s global Cyber and Data Risk and Compliance team to provide a “single pane of glass” and ensure accurate snapshot of our cybersecurity posture to guide cybersecurity priorities, enhancements, and investments. The goal is to drive compliance against all cyber and data policy requirements.
You will help deliver an end-to-end, holistic approach that ensures detected policy violations are appropriately tracked to effectively manage underlying risks. You will track issues from the policy monitoring and violation detection program and work with product teams and specific individuals to ensure actions plans are in place to mitigate risk, risk exceptions and acceptances are reviewed and approved by appropriate individuals, escalations are performed when needed, and consequences are imposed to promote compliance and accountability.
You will work closely and collaboratively with various functions, cells, and teams across the firm to promote timely detection of gaps and identify enhancement opportunities against a prioritized set of requirements for all cyber and data policies. You will work with various teams to ensure issues identified through various sources including due diligences performed prior to deal closing for acquisitions, automated mechanisms in place to detect product level gaps, and all audits and assessments are appropriately managed.
Specifically, this role will handle the end-to-end compliance processes for all pre-defined and ad hoc policy violations detected real time. This will include reviews and assessments to determine design and operating effectiveness against a set of cyber and data policy requirements, alerts & escalations to ensure colleagues and teams are aware of policy violation, follow-ups with issue owners to ensure timely execution and delivery against plans. You will support the creation of periodic reports for SteerCo and other leadership committee groups to highlight critical issues and constraints for decisioning and actioning.


  • Bachelor’s degree in computer science, information security or technology related field
  • 2+ years of experience in risk management, information security, or IT
  • Exhibit excellent written and analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives
  • Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Senior Analyst (CISM), Certified Information Systems Auditor (CISA) or other similar credentials, is desired
  • Knowledge of common information security management frameworks and past participation in both initial certification and renewal of one or more of: ISO/IEC 27001, SOC 2/SSAE 16, PCI DSS, etc.
  • High degree of personal ownership to ensure quality work is delivered on time
  • Ability to collaborate with others and work in both a team environment and independently
  • Attention to detail, process and organization with the ability to prioritize across different workstreams
Apply Now
Job Skill Group - CSSA
Job Skill Code - CYRA - Analyst, Cyber and Data Risk
Function - Risk & Resilience;Technology
Industry - High Tech
Post to LinkedIn - Yes
Posted to LinkedIn Date - Wed Aug 30 00:00:00 GMT 2023
LinkedIn Posting City - San Jose
LinkedIn Posting State/Province -
LinkedIn Posting Country - Costa Rica
LinkedIn Job Title - Cyber & Data Compliance Analyst
LinkedIn Function - Analyst;Information Technology
LinkedIn Industry - Computer & Network Security;Information Technology and Services
LinkedIn Seniority Level - Not Applicable