A global leader in consulting, technology
services and digital transformation, Capgemini is at the forefront of
innovation to address the entire breadth of clients� opportunities in the
evolving world of cloud, digital and platforms. Building on its strong 50-year
heritage and deep industry-specific expertise, Capgemini enables organizations
to realize their business ambitions through an array of services from strategy
to operations. Capgemini is driven by the conviction that the business value of
technology comes from and through people. It is a multicultural company of over
200,000 team members in more than 40 countries. The Group reported 2018 global
revenues of EUR 13.2 billion.
About Infrastructure Services :
The Cloud Infrastructure Services Global
Business Line is Capgemini’s consulting and infrastructure build-and-run
provisioning offering, and supports the group’s cloud-based services. As part
of the integrated cloud offering from Capgemini, Cloud Infrastructure Services
delivers a broad range of cloud services to build and support the hybrid cloud
estate by encompassing the leading public cloud players and leading private
cloud technologies. With EUR 1.5 billion annual revenue, Cloud Infra Services
helps clients virtualize and optimize their IT estates through infrastructure
outsourcing services such as data center, helpdesk, network support, and
service integration and service maintenance support. Our other services
also include infrastructure transformation services-helping clients consolidate
and migrate entire workloads and data centers.
Visit us at www.capgemini.com. People matter,
Application Security Architect
works on highly complex projects that require
in-depth domain knowledge in all dimensions of application security. Candidate
will assist in driving the architect, build out, and implementation efforts
related to application development & automation, as well as interacting
with functional leaders to support these technical initiatives.
- Assist with planning and
executing application & cloud security solutions across the lifecycle
� design, implementation and operations
application security controls, support delivery teams and staff, and guide
application development team members
security strategy plans and roadmaps based on secure development best
practices and provide guidance and hands-on experience to project teams in
design, development, and maintenance of security solutions including cloud
security-scanning tools as part of DevSecOps.
with the design and implementation of security tools for production
security automation tools to improve efficiency and productivity for
application development teams
scripts and integrating the SAST & DAST tools in to the Enterprise
Threat Models and implementing RASP with production applications to be
migrated to the cloud
in penetration testing & security compliance activities.
as an advisor when reviewing application design and security posture
the Open Source scan results and validate creation of the Full Open Source
Software Bill of Materials (BoM)
technical analysis of the BoM regarding license conflicts and other technical
license compliance issues, and determination of possible mitigation
options, with instructions to developers.
a security vulnerability report for the BoM components
file level license documentation, containing copyright statements during
with Legal on the identified copyright infringement issues and act as a
liaison between Legal and Application teams
and maintain documentation on standards, open source policies (on tool),
play book and training documents.
- 8 years overall technology
experience such as Java, .Net, C# and other web technologies, including
3 years of hands-on technical experience on application development &
years in a technical or functional lead role
of standards such as ISO 27001, ISO 27018, NIST 800-53, PCI DSS, SOC2,
HIPAA, PCI, SOX, GLBA, etc.
and willingness to travel up to 25% as required
security certifications (CISSP, CISM, CISA, etc.)
track record of setting targets, executing to plan, and delivering
of risk management frameworks (ISO, NIST, etc.)
experience in IT operations and support
identifies opportunities for improvement and implements positive change
decision-making capabilities, with a proven ability to weigh the relative
costs and benefits of potential actions and identify the most appropriate
interpersonal skills, with an emphasis on the ability to effectively
team-focused mentality with the proven ability to work effectively with
ability to communicate complex and technical issues to diverse audiences,
orally and in writing, in an easily-understood, authoritative, and
Location � Houston, TX � applicants outside of
TX maybe eligible for relocation assistance if selected for hire
Capgemini is an Equal Opportunity Employer encouraging
diversity in the workplace. All qualified applicants will receive consideration
for employment without regard to race, national origin, gender
identity/expression, age, religion, disability, sexual orientation, genetics,
veteran status, marital status or any other characteristic protected by law.
This is a general description of the Duties,
Responsibilities and Qualifications required for this position. Physical,
mental, sensory or environmental demands may be referenced in an attempt to
communicate the manner in which this position traditionally is performed.
Whenever necessary to provide individuals with disabilities an equal employment
opportunity, Capgemini will consider reasonable accommodations that might
involve varying job requirements and/or changing the way this job is performed,
provided that such accommodations do not pose an undue hardship.
Click the following link for more information on your rights
as an Applicant – http://www.capgemini.com/resources/equal-employment-opportunity-is-the-law
Applicants for employment in the US must have valid work
authorization that does not now and/or will not in the future require
sponsorship of a visa for employment authorization in the US by Capgemini.