041844-Sr. IT Security Consultant

Capgemini’s robust Outsourcing offerings include: Applications Management, Infrastructure Management and Business Process Management. We combine these services with our deep industry knowledge and experience to provide the change agent to accelerate business growth. We generate quality and speed through our proven tools, methods and global centers. These capabilities, coupled with our program management expertise are tailored to fit the most challenging business needs.

The IT Sr. Security Consultant is accountable to follow Security assurance and audit principles to ensure compliance within scope of service activity. Undertakes Security assurance and audit activities to ensure compliance and to identify risks and opportunities. Provides information to the business’ senior managers and executives to ensure that they are aware of any Security-related risks or opportunities. Provides subject matter expertise, consultancy and training in Security-related policy, standard and guideline matters. Also supports remediation, implementation and maintenance of Security related policies, standards and procedures. Ensures that the required policies, standards and procedures are fully documented, reviewed and adhere to Group and client requirements.

The employee will participate in a team to deliver Information Security Management services to one or more client organizations:

Operations

  • Operate various security systems and processes related to audit, compliance, forensics, application and infrastructure vulnerability scanning and management, patch management, SIEM, antivirus, antispam, identity/credentials/access management, firewall, proxy, and encryption;
  • Develop, maintain and recommend changes to security policies, standards and guidance;
  • Support other team members in the use of techniques to analyze and resolve Security issues;

Vulnerability Management

  • Receive, analyse and process various vendor and industry security alert bulletins to mitigate operating risks;
  • Plan and supervise external third party assessments, and directly conduct application and infrastructure security penetration testing using standard industry tools (nmap, Qualys, Metasploit, Powershell, AppScan);
  • Develop vulnerability assessment and remediation reports;

Incident Management

  • Act as Incident Handler for cybersecurity incidents, organizing application and infrastructure teams to assess and recover, and provide written and verbal status updates to client and internal stakeholders;
  • Develop, receive and analyze regular reports and alerting and followup exceptions requiring action;
  • Conduct security investigations and analyses using forensic and data mining tools to collect, search, and correlate large amounts of information;
  • Collect and manage evidence to ensure that the chain of custody is if required fully documented in accordance with local statutes and policies;

Security Risk Management, assurance and compliance

  • Perform and contribute to security risk assessments and compliance and management audits to monitor and document noncompliance to internal and customer security policies, standards and procedures, auditor and vendor recommendations, and industry best practice;
  • Develop security risk assessments and risk treatment plans to formally document concerns, issues and options for operations and project-driven solutions, architecture and implementations;
  • Decide and report findings, suggest corrective actions, and track and manage remediation activities to closure;
  • Interpret and recommend changes to client security policies, standards and guidance;

Within his or her specific accountabilities delivering the Information Security Management services above, the employee will also be expected to:

Governance:

  • Deliver, track and report the services described in the Master Service Agreement, Statement of Work, KPIs, SLAs;

Client Relationship Management:

  • Create and maintain a partnership with client stakeholders by understanding the client’s requirements and needs as they change over time and circumstances;
  • Understand, formalize and monitor client expectations, satisfaction and complaints;

Demand and Supply Management:

  • Identify and escalate changed service requirements and forecast the demand and impact for these services, and recommend updates to service management and the service catalogue;
  • Produce and maintain a service demand forecast;
  • Document, track, action and report various tasks assigned through workflow management and ticketing systems;
  • Monitor team distribution list for actionable internal or customer requests and process accordingly;

Performance and Improvement Management:

  • Identify, document and support the implementation of service improvement opportunities;

Financial Management:

  • Contribute to the successful management of the financial plan with accurate time reporting, forecasting and expense control for project and operations work;
  • Contribute to business cases, RFP response, pursuits, and other business development efforts;
  • Contribute to the design and solutioning of robust and secure project solutions and implementations;

Change Control:

  • Adapt to changing circumstances in the service engagement to minimize risk exposure, minimize the severity of any disruption, and to meet stakeholder expectations;

Issue Management:

  • Identify, prioritize and analyse possible risks to the service engagement, conduct actions to contain or mitigate them, and track how those risks evolve over time;
  • Identify issues, develop resolution plans, implement and track resolution activities and report resolution effectiveness;

Resource Management:

  • Complete mandatory corporate training, performance self-evaluations, skills assessments;
  • Successfully operate in a blended unionized/unrepresented workforce;

Supplier and Procurement Management:

  • Work with the internal and customer stakeholders to manage the acquisition of new and maintenance of existing security products and services;

Communications Management:

  • Inform internal and external stakeholders as to the current status of the service delivery using the most appropriate medium;
  • Produce high quality written reports presenting complex technical matters clearly and concisely and articulating expert opinions based on analysis;

Document and Record Management:

  • Effectively handle all documents and records which used to manage the delivery of services;

Knowledge Management:

  • re-use existing knowledge objects and add to the engagement’s contribution to Capgemini’s knowledge repositories;

Mandatory requirement

  • CISSP designation
  • MS Access, MS Excel, MS Powerpoint, MS Outlook

About Capgemini

With more than 190,000 people, Capgemini is present in over 40 countries and celebrates its 50th Anniversary year in 2017. A global leader in consulting, technology and outsourcing services, the Group reported 2016 global revenues of EUR 12.5 billion (about $13.8 billion USD at 2016 average rate). Together with its clients, Capgemini creates and delivers business, technology and digital solutions that fit their needs, enabling them to achieve innovation and competitiveness. A deeply multicultural organization, Capgemini has developed its own way of working, the Collaborative Business ExperienceTM, and draws on Rightshore�, its worldwide delivery model. Learn more about us at www.capgemini.com.

Capgemini is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status or any other characteristic protected by law.

This is a general description of the Duties, Responsibilities and Qualifications required for this position. Physical, mental, sensory or environmental demands may be referenced in an attempt to communicate the manner in which this position traditionally is performed. Whenever necessary to provide individuals with disabilities an equal employment opportunity, Capgemini will consider reasonable accommodations that might involve varying job requirements and/or changing the way this job is performed, provided that such accommodations do not pose an undue hardship.

Click the following link for more information on your rights as an Applicant: http://www.capgemini.com/resources/equal-employment-opportunity-is-the-law

 

 

Ref:

041844

Posted on:

February 8, 2019

Experience level:

Manager

Education level:

Bachelor's Degree

Contract type:

Permanent

Location:

Toronto

cookies.

By continuing to navigate on this website, you accept the use of cookies.

For more information and to change the setting of cookies on your computer, please read our Privacy Policy.

Close

Close cookie information