Application Security Specialist

About
Capgemini

Capgemini is one of the
top 5 IT services and consulting companies worldwide, Capgemini was founded in
1967 and is headquartered in Paris, France. Operating in 40 countries, we are,
above all, a people company with almost 145,000 people across the globe and
2014 revenues over €10.57 billion. At Capgemini Financial Services, we are
passionate about bringing deep industry experience, innovative service
offerings and next generation global delivery to serve the financial services
industry. Our network of 24,000 professionals serving financial services
collaborates with leading banks, insurers and capital market companies to
deliver business and IT solutions and thought leadership to our clients
worldwide. A deeply multicultural organization, Capgemini has developed its own
way of working, the Collaborative Business Experience™, and draws on Rightshore
®, its worldwide delivery model.For more information please visit
www.capgemini.com

 

Position
Type
: Full time Job

Job
Location
: NewYork City, NY

Job
Title:
Application Security Specialist

Job
Overview:

Opening for an Application Security Professional in NYC
The successful candidate should have a strong track record of delivering
security for the Software Development Lifecycle (SDLC) from inception to
deployment in the Production environment and/or Security Assessments.

The role is for a highly
skilled Security Assessment specialist to review the proposed project with our
client for security and compliance. The successful candidate will be a
strategic thinker who can execute tactically, be a self-starter, with the
ability to influence stakeholders and SMEs, thrive in a fast-paced team environment,
and be able to proactively anticipate, identify, and resolve problems.

Duties
& Responsibilities:

Planning duties will
include:

  • Security Assessment for compliance with SoX, HIPAA, ISO
    27001, NIST, or other standards
  • Security Architecture definition and review
  • Communication with the project teams
  • Educate the project participants in their roles and
    responsibilities for security

Security Duties will
include:

  • Understanding and research of proposed products and
    services within a project
  • Coordinate with offshore team to review and approve
    proposed architectures
  • Preparation of the findings and recommendation.
  • Security advisory on projects
  • Collaborate with other team members to facilitate the
    best recommendation

Offshore coordination
Duties will include:

  • Work with the offshore team to conduct the process
  • Work with the offshore team to prepare the reports

Customer Security
Liaison will include:

  • Advise customer about security aspects of the project.
  • Deliver and discuss deliverables with project owners
  • Solicit feedback and coordinate delivery of feedback on
    quality and timeliness of review.

Specific Tasks:

  • Defining
    the target state project security and data protection.
  • Creating
    documentation, using standard design tools and methodologies, that conveys
    the security findings and recommendation  through concise diagrams
    and descriptions of the entities, relationships and constraints with
    examples.
  • Applying
    the standards and target state requirements to assess the current state of
    the systems and identify gaps.
  • Defining
    system specific target state documentation that addresses the gaps with
    specific recommendations.
  • Providing
    clarifications and accountability for all design decisions of the program.
  • Assessing,
    contributing to and validating solution design and platform selections.
  • Reviewing
    all architecture decisions with cross-functional, cross-work-stream impact
    to application, data, infrastructure, and vendor solutions.
  • Confirming
    compliance of design decisions with established enterprise standards,
    design policies, and frameworks.
  • Researching
    new technologies and/or facilitating adoption as an enterprise standard

Skill, Experience &
General information Required:

Required Skills and
Experiences

  • Overall IT Security Experience of 4 years or more
  • Security Assessment Experience of 1 years or more
  • IT Architecture and understanding of common vendor
    products used within a Web Architecture
  • Security and Compliance principles and their
    applications to projects (i.e. Least Privilege,
    Confidentiality/Integrity/Availability, …)
  • Familiarity with Security Assessments and Risk
    Management
  • Familiarity with Security infrastructure (i.e.
    encryption, firewalls, VLAN Separation, DLP, …).

Desirable Skills and
Experiences

  • 3+ Years of technology design and implantation
    experience in an IT organization preferably in the financial industry.
  • Excellent written and verbal communication skills.
  • Worked in onshore/offshore model
  • QSA (Qualified Security Assessor)
    certification/experience
  • CISSP Certification

Disclaimer:  Capgemini  Financial Services  and its
U.S. affiliates are EEO/AA employers.  Capgemini conducts all
employment-related activities without regard to race, religion, color, national
origin, age, sex, marital status, sexual orientation, gender identity/expression,
disability, citizenship status, genetics, or status as a Vietnam-era, special
disabled and other covered veteran status.

Click the following link
for more information on your rights as an Applicant :
http://www.capgemini.com/resources/equal-employment-opportunity-is-the-law