Who you’ll be working with
With incidents of cyber-crime frequently in the news, Capgemini’s clients are increasing conscious of the need to protect their systems and data. The successful applicant for this role will join Capgemini’s Inverness based UK Security Operations Team, which in turn forms part of the Company’s Global Cybersecurity Unit.
The Highland Security Operations Centre (HSOC) has proven highly successful since its formation in 2014 and serves a range of government and commercial clients headquartered in the UK and Continental Europe. Successful applicants will have the chance to develop a career which in the future could see them working in areas such as Protective Monitoring, Threat Intelligence, Vulnerability Management, Penetration Testing, Digital Forensics and Identity & Access Management.
The HSOC does now have office space in Nairn and there are plans during 2018 to refurbish this into a second Highland SOC. However do note that whilst some opportunity to work from the Nairn office does exist right now, all training will be done in Inverness.
The focus of your role
The Security Compliance Consultant will report to the HSOC Manager and provide service to the Capgemini Account Security Assurance Manager with responsibility for measuring and reporting of Capgemini’s compliance with client security requirements, ensuring that all identified non-compliances are escalated to the relevant teams responsible for the implementation of the requirement, and where necessary assist the team in formulating any necessary remediation plans.
The role is full time with a 37.5 hour week worked Monday to Friday Core Hours. As part of the mutualised HSOC team HMG security vetting clearance at SC level is required. Successful applicants not already in possession of SC will need achieve this during their probation period; HSOC staff will assist and advise.
What you’ll do
The principle tasks include:
- Conduct security risk assessments
- Provide necessary input into Security Accreditation documentation
- Provide a security compliance point of contact for Accreditors and Project teams
- Make security improvement recommendations and create the supporting business cases
- Collect and interpret security compliance evidence, providing quarterly security compliance reports.
- Plan, conduct and examine security tests, reviews and audits as necessary.
What you’ll bring
Applicants will need to have experience/knowledge of, some or all of the following along with the desire and aptitude to train and gain competency in the remainder:
- Good general networking and internet services knowledge
- Previous Cyber Security experience – for project-related security assessments etc.
- Unix/Linux, Windows, Middleware
- Penetration Testing (analysis and review of internet service Penetration Test reports)
- Windows/Unix patching methodologies
Experience in use of some of the following would be advantageous, but it is of great importance to demonstrate an aptitude and desire to train and gain competency in them.
- Experience of Vulnerability Management software tools – e.g. QualysGuard, Tenable (Nessus) etc.
- Shell or Perl Scripting
- Security technologies:
- Proxy Servers
- email filtering
- Understanding of current industry security issues and solutions
- The ISO 27001 Security Standard
What we’ll offer you
Professional development. Accelerated career progression. An environment that encourages entrepreneurial spirit. It’s all on offer at Capgemini. And although collaboration is at the core of the way we work, we also recognise individual needs with a flexible benefits package you can tailor to suit you.
Why we’re different
At Capgemini, we help organisations across the world become more agile, more competitive and more successful. Smart, tailored, often-groundbreaking technical solutions to complex problems are the norm. But so, too, is a culture that’s as collaborative as it is forward thinking. Working closely with each other, and with our clients, we get under the skin of businesses and to the heart of their goals. You will too.
Capgemini is proud to represent nearly 130 nationalities and its cultural diversity. Our holistic definition of diversity extends beyond gender, gender identity, sexual orientation, disability, ethnicity, race, age and religion. Capgemini views diversity as everything that makes us who we are as an organization, including our social background, our experiences in life and work, our communication styles and even our personality. These dimensions contribute to the type of diversity we value the most: diversity of thought.
We want to make sure that we find the right people to work in our teams, and we know that working full-time isn’t necessarily right for everyone. So we’d love to hear from you if you feel you’re a great fit for this role, and would like to work flexibly. As an example, some of our team members work four days a week, but travel across the UK during their working days. Or you might prefer to work three days a week (in a job share scenario) with travel limited to Greater London. If you are the right person for this role, we’ll find the right working approach for you.