Security Manager

About Capgemini

With more than 193,000 people in over 44 countries, Capgemini is one of the world's foremost providers of consulting, technology and outsourcing services. The Group reported 2016 global revenues of EUR 12.539 billion. Together with its clients, Capgemini creates and delivers business and technology solutions that fit their needs and drive the results they want. A deeply multicultural organization, Capgemini has developed its own way of working, the Collaborative Business Experience™, and draws on Rightshore®, its worldwide delivery model.

Learn more about us at http://www.capgemini.com

Houston, TX

Full-time

Experience: 9 – 13 years
Location: US - Either of Dallas (TX), Houston (TX) or Reston (VA)

The Security Engineering Lead for one of our leading Insurance clients would play a key role in providing the needed technical and project leadership for a team of security engineers in areas comprising (but not limited to) SIEM (Splunk), database monitoring and protection, and web application firewall. He would be the Single Point of Contact for the client.

Requirements (Background)
• Bachelor of Science in Information Technology, Management Information Systems or Risk Management.
• 5+ years of experience in IT Security or related area with a focus on security tool technology, security management and policy enforcement.
• Prior experience with network security & related applications, tools and solutions.
• Deep understanding of network routing and switching architecture, design and troubleshooting.
• Experience supporting 24x7x365 high availability solutions in large complex data center environment.
• Strong organizational skills.
• Ability to multi-task and meet deadlines.
• Ability to work efficiently and productively without direction or guidance.
• Capable of exercising extreme discretion and independent judgment.
• Ability to handle extremely confidential information in a professional manner.
• GRC certifications such as CISA, CGEIT, CRISC (desired)
• Education: Bachelor Degree in Engineering (Required)

Engineering contribution
1. Provide analytical and technical security recommendations to other fellow team members, other technology teams of our client as needed, security management, and business stakeholders. Identify requirements, based upon need or as the result of a security issue that puts the organization's systems at risk.
2. Act as liaison to other technology teams on the client side to effectively communicate, architect, and deliver security solutions.
3. Lead development of technical solutions in multiple areas (WAF, SIEM, database monitoring, etc.) and enhancements to existing systems, and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
4. Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
5. Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
6. Define, maintain and audit up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.).
7. Support new and existing security solutions and partner with the security engineering team for the implementation and integration of any new enhancements made to existing security solutions in support of improving overall enterprise security.
8. Ensure security tools and solutions hardware/software/devices are operating effectively and updated in a timely manner.
9. Determine appropriate levels of security configuration, controls and monitoring.
10. Use appropriate and effective measures to respond to network security alerts.
11. Support the deployment of new security solutions in multiple data centers.
12. Support incident management processes and security monitoring alerts in preventing internal / external hackers.
13. Responsible for meeting all reporting requirements.

Leadership & Project Management
1. Propose, plan, and execute security engineering work in close collaboration with the client to implement new and improve existing security solutions, working in partnership with the client Infosec and their Technology teams as appropriate.
2. Play an active role in collaborating with the client in various defense initiatives and coordinating the evaluation, deployment, and management of current and future security technologies.
3. Necessary mentoring to fellow Security engineering team members
4. Necessary project management, tracking and reporting to client

Day to day operations
5. Define and maintain operational configurations of all in-place security solutions as per the established baselines, for those security systems solutions that are partially or wholly operated by the InfoSec team.
6. Participate in the monitoring of all in-place security solutions for efficient and appropriate operations.
7. Necessary intervention in the review of logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution.
8. Problem management, root cause analysis

Knowledge & Experience
• 3+ years' experience with Splunk on a large enterprise level.
• Architecting and deploying Splunk Enterprise implementations in small to medium sized customers.
• Administering Splunk and Splunk App for Enterprise Security (ES) log management.
• Integrating Splunk with a wide variety of legacy data sources that use various protocols.
• The ability to design Splunk reports and dashboards using complex data elements. A passion for Analytics, for helping users discover and share the stories and meaning in their data. Experience in translating business requirements into concrete data analytic solutions.
• PERL/Linux shell scripting/Regex experience would be highly preferable.
• Splunk training and/or certifications would be a major plus
• Broad experience with administration and architecture for two or more other security tools such as Imperva WAF and Guardium Database monitoring
• Working technical knowledge of several of the infrastructure technologies.
• In-depth technical knowledge of and experience with one or more common security products and toolsets (firewalls; intrusion prevention systems; web-security content management; authentication services; SIEM; etc.).