Manager - Secure Data

Locations: Boston | Atlanta | London

Boston Consulting Group partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. Founded in 1963, BCG was a pioneer in business strategy and today helps clients with total transformation, inspiring complex change, enabling growth, building competitive advantage, and driving bottom‑line impact. To succeed, organizations must blend digital and human capabilities. Our diverse, global teams bring deep industry and functional expertise and a range of perspectives to spark change.

BCG delivers solutions through leading‑edge management consulting along with technology and design, corporate and digital ventures, and business purpose. We work in a uniquely collaborative model across the firm and throughout all levels of the client organization, generating results that allow our clients to thrive.

The Site Reliability Engineer (SRE) – Secrets Management is responsible for the reliable operation, automation, and support of BCG’s secrets management platforms, with a primary focus on Hashi Corp Vault. This role ensures that credentials, keys, and tokens are securely stored and managed while applying SRE principles to maintain performance, availability, and security across Vault and cloud‑native secret stores.

As a Vault‑focused SME, the SRE will work closely with platform engineering, Sec Ops, cloud teams, and security engineering to integrate secrets management into enterprise workflows, strengthen security posture, and improve developer experience. This role emphasizes hands‑on engineering, operational excellence, and continuous improvement rather than people or program management.

• Support day‑to‑day operations of Hashi Corp Vault and cloud‑native secret stores (AWS Secrets Manager, Azure Key Vault, GCP Secret Manager).
• Configure, maintain, and troubleshoot Vault clusters, name spaces, auth methods, secret engines, and policies.
• Develop and maintain processes for secure storage, rotation, and lifecycle management of credentials, certificates, and keys.
• Ensure Vault services are reliable, monitored, and available for global teams with defined SLAs.
• Build automation for provisioning, storing, rotating, and managing credentials, certificates, and keys.

• Apply SRE principles to enhance reliability, performance, and scalability of secrets management services.
• Build and maintain monitoring, alerting, and dashboards for Vault performance, access patterns, anomalies, and system health.
• Participate in incident response for secrets‑related issues and contribute to root cause analysis and long‑term corrective actions.
• Assist with capacity planning and performance tuning of Vault and related infrastructure. Monitor systems for performance and security events, partner with incident response teams for remediation.
• Define and track operational KPIs and SLOs for secrets management services.

• Align secrets management processes with BCG compliance requirements.
• Ensure audit logging, rotation policies, classification tags, and least‑privilege controls are accurately enforced.
• Support security teams in audit readiness, evidence gathering, and policy validation.
• Partner with governance and security teams to embed enforceable policies into processes and tools.
• Support audits and implement automated compliance checks within secrets management workflows.

• Work closely with platform, Dev Ops, and application teams to integrate secrets management into CI/CD pipelines and workflows.
• Provide guidance and enablement to developers and engineers on using Vault services securely and effectively.
• Contribute to documentation, standards, and training to improve adoption and consistent usage of secrets management platforms.

• Support technical engagement with vendors and cloud providers.

• Manage and mentor engineers responsible for secrets management operations.

• Drive a culture of continuous improvement, knowledge…