A global leader in
consulting, technology services and digital transformation, Capgemini is at the
forefront of innovation to address the entire breadth of clients' opportunities
in the evolving world of cloud, digital and platforms. Building on its strong
50-year heritage and deep industry-specific expertise, Capgemini enables
organizations to realize their business ambitions through an array of services
from strategy to operations. Capgemini is driven by the conviction that the
business value of technology comes from and through people. It is a
multicultural company of over 200,000 team members in more than 40 countries.
The Group reported 2018 global revenues of EUR 13.2 billion.
The Cloud Infrastructure
Services Global Business Line is Capgemini’s consulting and infrastructure
build-and-run provisioning offering, and supports the group’s cloud-based
services. As part of the integrated cloud offering from Capgemini, Cloud
Infrastructure Services delivers a broad range of cloud services to build and
support the hybrid cloud estate by encompassing the leading public cloud
players and leading private cloud technologies. With EUR 1.5 billion annual
revenue, Cloud Infra Services helps clients virtualize and optimize their IT
estates through infrastructure outsourcing services such as data center,
helpdesk, network support, and service integration and service maintenance
support. Our other services also include infrastructure transformation services, helping
clients consolidate and migrate entire workloads and data centers.
Duties and Responsibilities:
• Partners with IT and business units to create, document and monitor Managed
Services statements of work. Ensures detection and mitigation controls are
implemented. Responds to violations following incident management processes and
reports out to management.
• Works with IT Platform, Application, System and Network teams to create
Logical, Physical and Data architecture diagrams. Normalizes endpoint behavior,
data access and network traffic. Implements security monitoring and documents
standard operating procedures for the Incident Management Team.
• Works closely with Cyber Security Operation teams to build and maintain
security orchestration, playbooks and automation. Identifies opportunity areas
to increase efficiency and automates manual processes. Creates and updates
standard operating procedures and reports out to management on efficiency
• Implements security monitoring rules, reports and dashboards while
maintaining best practices to ensure maximum security tool efficiency. Monitors
security systems, analyzes events and investigates security-related incidents.
• Creates Threat Hunting models for Endpoints and Network Traffic.
Analyzes endpoint tools including logging, EDR, IPS and DLP. Analyzes network
monitoring tools including IPS, WAF, PCAP and Netflow. Focuses on critical
systems within the client's network to detect, respond to and handle incidents
related to unauthorized activity, malware, and APTs.
• Keeps management within the department informed by communicating
progress, issues, concerns and opportunities. Assesses and immediately notifies
manager of any potential information security breach and security issues that
may have a negative impact on business operations.
• Identifies opportunities to improve the quality, efficiency and
effectiveness of the department as well as the processes that affect the
divisions and the enterprise. Maintains an awareness of the department’s
dashboard and provides suggestions to improve performance.
• Identifies Tactical Intelligence relevant to clients' systems. Works with
Incident Management and Threat Management to follow incident response
procedures to ensure proper detection and mitigation controls.
• Escalates internal threat issues to the Insider Threat Team.
• Participates in special projects and performs other duties as assigned.
Skills / Qualifications:
All qualifications are assumed to be required unless stated preferred.
• Demonstrated initiative and ability to work independently with attention to
• Demonstrated ability to be flexible and exercise good judgment.
• Demonstrated strong organization and time management skills.
Excellent multitasking and time management skills.
• Experience analyzing endpoint logging, detection, response and forensic
• Experience analyzing netflow, IPS, WAF and PCAP tools.
• Experience creating rules, reports and dashboards in SIEM tools.
• Experience and knowledge of Managed Services.
• Experience creating logical, physical and data architecture diagrams.
• Ability to deal effectively with various levels of business unit crew and
• Knowledge of security administration concepts, theories and practices.
Familiarity with clients' enterprise-wide security administration tools.
Undergraduate degree in information technology-related field or equivalent
combination of training and experience.
Position located in Malvern, PA. Open to candidates willing to relocate.
Capgemini is an
Equal Opportunity Employer encouraging diversity in the workplace. All
qualified applicants will receive consideration for employment without regard
to race, national origin, gender identity/expression, age, religion,
disability, sexual orientation, genetics, veteran status, marital status or any
other characteristic protected by law.
This is a general
description of the Duties, Responsibilities and Qualifications required for
this position. Physical, mental, sensory or environmental demands may be
referenced in an attempt to communicate the manner in which this position
traditionally is performed. Whenever necessary to provide individuals with
disabilities an equal employment opportunity, Capgemini will consider
reasonable accommodations that might involve varying job requirements and/or
changing the way this job is performed, provided that such accommodations do
not pose an undue hardship.
following link for more information on your rights as an Applicant – http://www.capgemini.com/resources/equal-employment-opportunity-is-the-law
employment in the US must have valid work authorization that does not now
and/or will not in the future require sponsorship of a visa for employment
authorization in the US by Capgemini.