Provide Senior level guidance, technical advice, and assistance to the company and its clients regarding Information Security at an Enterprise Level for Security Governance, Infrastructure Protection, Risk Management and Mitigation, Strategic ISMS Planning and Design, Security Architecture, Data Protection, Disaster Recovery/Business Continuity, and Audit and Compliance.
Assist Client Organizations in the provisioning of a Risk Management model through provisioning of Security expertise and thought leadership in the areas of security recommendations, alternative selection, project planning and implementation of IT Security Best Practices for tools, techniques, processes and procedures, requirements, and systems.
Guide the development of IT Security technical standards, procedures and programs meeting Regulatory requirements for the company consistent with corporate security objectives, business needs, associated business risks, and generally accepted IT Security practices.
Provide Senior leadership to a team of security professionals for the Cloud and Infrastructure Run Operations Organization in their client delivery of Security requirements to elevate our client’s security program maturity and protection against an ever-changing Threat Landscape.
Provide team and individual mentoring, along with career development. This leader will plan and set the budget for the organization while maintaining costs to meet budget requirements.
Prepare and issue security reports for company executives and Board of Directors.
Provide oversight for the implementation of internal IT Security system controls.
Guide the Security Organization to develop long-term roadmaps and strategy while building a foundation for mature security practices.
Build system and business risk assessment capabilities and provide IT security consultation to internal business unit leaders and others as necessary regarding IT Security Systems, Practices, and Controls including but not limited to Cloud, firewalls, encryption, virus products, IDS, SIEM, access control mechanisms, Identity Management and authentication systems, security patch management, data and backup processes, vulnerability assessment tools and methodology, Disaster Recovery, Security Incident Response, Training and Awareness, etc…
Oversee compliance assessments, ensuring recommendations contain appropriate consideration of cost, business priorities and risk to the corporation.
Lead effective analysis and review of security tools and risk mitigation measures as needed to help ensure consistent, effective and efficient security administration and control.
Provide Security Governance for multiple Infrastructure towers regarding their implementation of Security for the company.
Provide oversight of Security Incident Response Process and methodology.
Requires practical knowledge in the strategic fields of Information Systems, Information Technology, Information Security and Risk Management Strategy, and Information Management Systems.
These areas include network and telecommunications associated with Audit and Information Technology Security components and, operational practices including virus protection, vulnerability management, encryption, firewalls, access control, identity management, data loss prevention, data privacy, Security Response, DR, etc…
Requires knowledge of program management and consulting concepts and methods to effectively lead and coordinate IT security initiatives and other IM teams.
Requires the ability to analyze Business and Security Risk environment, and review and address any issues found.
Requires knowledge of security architectures and the ability to review architectures through gap analysis for recommendations regarding alternative risk mitigation solutions.
Requires the ability for security process and policy development based on industry standards such as ISO, NIST, FISMA, etc.. Requires excellent communication skills to translate complex IT concepts for Business decisions.
Requires experience to understand and implement operational level security strategies, policies, legislative requirements, standards and objectives required for the Corporation. Requires diverse experience leading teams for large scale IT initiatives including experience in all facets of Program Management.
Requires an understanding of information management concepts to improve security information posture through a combination of technologies and practices.
Requires experience to understand the corporate organization, its function and its security demands and implication.
Requires excellent team building and capabilities to gain consensus across organizations.
Requires seasoned skills in coordinating multiple information security programs of work, vendor negotiation, and cross-tower coordination with HR, Legal, Compliance, internal Business Units, and external 3rd parties.
Interaction is required with: company and client Executives; Directors and Managers, Business Unit Executives, security vendor account representatives, and possibly external law enforcement agencies.
The Senior Security Officer will have direct accountability to the CISO for North America and Client Executives.
Director Level experience and Security certifications preferred
– CISSP Certification required
– Outsourcing Consulting experience desired
– Cybersecurity certifications desired
– People management
Position location in Toronto, Ontario, Canada
Travel – 30% – 40% when required
With more than 190,000 people, Capgemini is present in over 40 countries and celebrates its 50th Anniversary year in 2017. A global leader in consulting, technology and outsourcing services, the Group reported 2016 global revenues of EUR 12.5 billion (about $13.8 billion USD at 2016 average rate). Together with its clients, Capgemini creates and delivers business, technology and digital solutions that fit their needs, enabling them to achieve innovation and competitiveness. A deeply multicultural organization, Capgemini has developed its own way of working, the Collaborative Business ExperienceTM, and draws on Rightshore, its worldwide delivery model.
Learn more about us at www.capgemini.com.
Capgemini is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status or any other characteristic protected by law.
Click the following link for more information on your rights as an Applicant: http://www.capgemini.com/resources/equal-employment-opportunity-is-the-lawApply now