Security Manager, ISMS Team
Who you’ll be working with
You will be joining a security GRC (Governance, Risk and Compliance) team that reports directly to the CISO for Cloud Infrastructure Services Northern Europe. The GRC function sits within a wider Cyber Security delivery team consisting of more than 130 cybersecurity professionals who deliver world-class security services to a broad range of blue-chip clients.
The focus of your role
You'll be responsible for ensuring GRC requirements are implemented and maintained across our UK/Northern Europe client base, delivering and maintaining an ISO/IEC 27001:2013 certified Information Security Management System (ISMS).
What you’ll do
- Deliver a certified ISO/IEC 27001:2013 ISMS that meets contractual obligations as well as client and/or Capgemini security policies.
- Ensure all aspects of security governance are in place including formal risk management.
- Provide, when appropriate, high-quality security advice and guidance in a timely manner.
- Build and maintain effective working relationships across service lines (Capgemini, client, 3rd Party and Partner contacts).
What you’ll bring
- Proven experience of working with Information Security Management Systems and information security governance.
- A good knowledge of all aspects of Information Assurance and Cybersecurity.
- Experience in implementing/developing security policies and technical documentation.
- Experience in security incident management and investigations.
- Good personnel and physical security skills and experience in security awareness programmes.
- An ability to influence senior management on security best practice.
- An ability to identify and drive security service improvement.
- Good orientation in commercial and organisational business practices and procedures.
- Sound practical working knowledge of ISO/IEC 27001:2013 & ISO/IEC 27002:2013 standards and processes.
- An ability to interpret and apply complex information and be able to explain security requirements to non-specialists.
- Hold or attain professional certification such as CISSP; CISM; CRISC; ISO/IEC 27001:2013 Lead Auditor; Certified Cyber Consultancy experience; CBCI; PCI DSS; Certified Sarbanes Oxley Expert (CSOE); International Association of Privacy Professionals (IAPP) CIPP/E or CIPM or CIPT.
- Existing HMG National Security Vetting or the ability to attain such.
What we’ll offer you
Professional development. Accelerated career progression. An environment that encourages entrepreneurial spirit. It’s all on offer at Capgemini. And although collaboration is at the core of the way we work, we also recognise individual needs with a flexible benefits package you can tailor to suit you.
Why we’re different
At Capgemini, we help organisations across the world become more agile, more competitive and more successful. Smart, tailored, often ground-breaking technical solutions to complex problems are the norm. But so, too, is a culture that’s as collaborative as it is forward thinking. Working closely with each other, and with our clients, we get under the skin of businesses and to the heart of their goals. You will too.