051721-Application Security SME



About Capgemini

A global leader in consulting, technology services and digital transformation, Capgemini is at the forefront of innovation to address the entire breadth of clients’ opportunities in the evolving world of cloud, digital and platforms. Building on its strong 50-year heritage and deep industry-specific expertise, Capgemini enables organizations to realize their business ambitions through an array of services from strategy to operations. Capgemini is driven by the conviction that the business value of technology comes from and through people. It is a multicultural company of over 200,000 team members in more than 40 countries. The Group reported 2018 global revenues of EUR 13.2 billion.


About Infrastructure Services :

The Cloud Infrastructure Services Global Business Line is Capgemini's consulting and infrastructure build-and-run provisioning offering, and supports the group's cloud-based services. As part of the integrated cloud offering from Capgemini, Cloud Infrastructure Services delivers a broad range of cloud services to build and support the hybrid cloud estate by encompassing the leading public cloud players and leading private cloud technologies. With EUR 1.5 billion annual revenue, Cloud Infra Services helps clients virtualize and optimize their IT estates through infrastructure outsourcing services such as data center, helpdesk, network support, and service integration and service maintenance support.  Our other services also include infrastructure transformation services-helping clients consolidate and migrate entire workloads and data centers. 



• Own and perform application security vulnerability management.
• Management of automated application security testing to validate that secure coding best practices are being used.
• Client stakeholder engagement for application security testing
• Leading security vulnerability triage and remediation for development teams
• Participate in and support application security reviews and threat modelling, including code review and dynamic testing.
• Co-ordination of Pen testing activities
• Support and consult with product and development teams in the area of application security.
• Managing the delivery of application security training.

Required Skills:

• Experience of Veracode & NowSecure application security testing tools.
• Familiarity with security principles, controls and common security flaws.
• Experience working with developers.
• Experience with OWASP, static/dynamic analysis, and common security tools.
• Understanding of Agile development in an environment comprising of Cloud based containerised microservices & API’s, mobile and web applications and DevOps automation 
• Familiarity with AWS cloud security controls and best practices.
• Knowledge of DevSecOp techniques & best practices
• Awareness of OpenSAMM Version 2.0
• A basic understanding of network and web related protocols (such as TCP/IP, UDP, IPSEC, HTTP, HTTPS, protocols).
• Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner. 
• Optional – Basic development or scripting experience and skills. 

Location- Local to Chicago or remote work options within the USA


Capgemini is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status or any other characteristic protected by law.


This is a general description of the Duties, Responsibilities and Qualifications required for this position. Physical, mental, sensory or environmental demands may be referenced in an attempt to communicate the manner in which this position traditionally is performed. Whenever necessary to provide individuals with disabilities an equal employment opportunity, Capgemini will consider reasonable accommodations that might involve varying job requirements and/or changing the way this job is performed, provided that such accommodations do not pose an undue hardship.


Click the following link for more information on your rights as an Applicant – http://www.capgemini.com/resources/equal-employment-opportunity-is-the-law


Applicants for employment in the US must have valid work authorization that does not now and/or will not in the future require sponsorship of a visa for employment authorization in the US by Capgemini.








Posted on:

February 1, 2021

Experience level:


Education level:

Associate's Degree/College Diploma (±13 years)

Contract type: