Cybersecurity Architect
The Bridgespan Group
United States · Remote
About The Bridgespan Group
The Bridgespan Group (“Bridgespan”) is a global nonprofit that aims to build a better world by strengthening the ability of mission-driven organizations, philanthropists, impact investors, and corporations to achieve breakthrough results in addressing society’s most important challenges and opportunities.
Founded in 2000, Bridgespan has offices in Boston, Johannesburg, Mumbai, New York, San Francisco, and Singapore. Across these six locations, we have a diverse team of staff with varied backgrounds and experience across multiple sectors. We work with social change organizations such as TaRL Africa, Tiko, and CAMFED; philanthropies and foundations such as OSF, Women First Fund, and The Ford Foundation; impact investors such as TPG’s Rise Fund, Black Ambition, and AfricInvest; and bold funding collaboratives such as TED’s Audacious Project and Co-Impact.
Bridgespan aims for a world where all people have the opportunity to flourish. Given how society works today—as manifest in systems and mindsets that have developed over time—that opportunity is not accessible to all. We are committed to equity, specifically to doing work to help ensure that race, gender, and other dimensions of identity are not determinants of life outcomes and to building an organization where the diverse set of individuals we need can thrive in pursuit of their full professional potential, and to proactively addressing the systems that help or hinder these goals. It is a commitment to both external equity work and internal inclusivity that gets Bridgespan closer to achieving its mission.
Position
We are seeking an experienced and strategic Cybersecurity Architect to lead the design and implementation of secure enterprise architectures across our technology landscape. Reporting to the Chief Architect, this role supports the development of security frameworks and policies, guides secure system design, and ensures that cybersecurity controls are embedded across infrastructure, applications, cloud environments, and data platforms. This role will support the progressive needs of the business and implement timely, secure and cost-efficient solutions that elevate the company’s security posture. The Cybersecurity Architect also assists with client contractual reviews, compliance and security certifications.
Bridgespan is in the process of decoupling our Infrastructure, Operations and Cybersecurity functions from our affiliated founding company, which currently operates these services for us. A major focus of this role will be to help build a future-state cybersecurity function, which includes implementing the setup of a Managed Security Services Provider (MSSP) model, managing the operational relationship with the MSSP, and helping to ensure outsourced security operations are aligned with enterprise security architecture, risk appetite, and compliance obligations.
Responsibilities and Duties
Security Architecture & Project Delivery
- Support the design and maintenance of enterprise security architecture aligned with business and technology strategy
- Help establish long-term security architecture roadmaps aligned to enterprise risk priorities
- Apply and support the implementation of security standards, patterns, and best practices
- Contribute to the development of security policies aligning with industry best practices for cybersecurity and resiliency
- Conduct threat modeling and risk assessments for new and existing systems
- Support alignment with frameworks such as NIST, ISO 27001, SOC 2, and Zero Trust models
Cloud & Infrastructure Security
- Design secure solutions across public, private and hybrid clouds
- Define security controls, policies and standards for networks, endpoints, containers, and hybrid environments
- Implement identity and access management (IAM), encryption, network segmentation, logging and monitoring controls
- Guide secure DevSecOps integration and CI/CD security practices
MSSP Coordination
- Support establishing and managing the relationship with the MSSP, which is expected to provide 24x7x365 Security Operations (SecOps), threat intelligence, security testing, security administration, SIEM and other services
- Contribute to defining the operating model for outsourced security services, including roles, responsibilities, escalation paths, and decision rights
- Help establish and manage the MSSP governance framework, including service reviews, risk reviews, roadmap alignment, and continuous improvement processes
- Monitor and report on SLAs, KPIs, and security outcomes; hold the MSSP accountable for performance and service quality
- Support onboarding of new systems, applications, and cloud environments into MSSP monitoring
- Identify opportunities to optimize cost, improve automation, and increase operational efficiency within MSSP services
Governance, Risk & Compliance
- Support translation of regulatory and compliance requirements into technical and security controls
- Partner with contracts, audit and compliance teams to support client and third-party security assessments
- Conduct security architecture reviews and provide recommendations on solution designs
- Stay current with cybersecurity threats, AI, risks and vulnerabilities with potential impact to services
Engineering Collaboration
- Work closely with engineering teams to embed security-by-design principles
- Provide guidance on secure coding practices and application security
- Contribute to evaluation and recommendation of security tools and technologies
- Design security for monitoring, logging, IAM, encryption, data protection, detection and preventive controls
- Lead security incident response improvements and post-incident design remediation
Qualifications
- Bachelor’s degree in Computer Science, Information Security, or related field (Master’s degree is preferred)
- 5+ years of experience in cybersecurity, with 3+ years in security architecture
- Experience working with or supporting MSSP or third-party security vendor relationships
- Deep knowledge of enterprise security frameworks and domains (network, cloud, endpoint, application, data security)
- Proven experience with zero trust network access, encryption, web application firewalls, data protection, vulnerability management, API security
- Knowledge in one or more: NIST, CIS, CSA-CCM, ISO 27001
- Applicable knowledge, as needed, of GDPR, PCI DSS, CCPA, DPDP, etc.
- Experience with SIEM, EDR, IAM, firewalls, cloud security tooling, and detection technologies
- Ability to perform threat modeling and enterprise risk analysis
- Strong communication and stakeholder management skills
- Ability to handle multiple demands and appropriately prioritize tasks as necessary
- Ability to work with a high degree of independence, and generate high-quality outputs
- High degree of professionalism, tact, and confidentiality required
- Strong written and verbal communication skills are required
- Commitment to strong performance, high standard of accountability, and openness to feedback
- Commitment to diversity, equity, and inclusion
- Preferred Certifications include CISSP, CISM, CCSP & Microsoft cloud security certifications
PLEASE NOTE: YOU MUST BE ELIGIBLE TO WORK IN THE US WITHOUT SPONSORSHIP. THE BRIDGESPAN GROUP IS UNABLE TO PROVIDE VISA SPONSORSHIP.
At Bridgespan, we are committed to diversity, equity, and inclusion because we are passionate about helping our clients achieve breakthrough results. An organization that reflects the diversity of our clients and their beneficiaries will produce deeper relationships, engagement, and insights. Bridgespan is committed to providing equal opportunities. We serve diverse organizations and are committed to non-discrimination. Bridgespan will not discriminate against any employee with respect to any term or condition of employment, including but not limited to less favorable treatment, exclusion from employment or employment opportunities (including hiring, assignment, performance assessment and promotion) on the basis of race, color, religion, national origin, citizenship, ancestry, gender (including pregnancy), gender identity, age, disability, marital status, sexual orientation, expression, veteran’s status or other protected characteristics or status. We actively partner with organizations representing minority concerns and interests to build high-performing teams that mirror the communities we serve.
All company-sponsored programs, including training, job, social and recreational activities, are required to be nondiscriminatory, and all human resource practices are monitored to ensure equal opportunity.