Capgemini Sr Secruity Consultant in Irving, Texas

Cyber Risk Professional Consultant (GRCP)

Job Summary: This position is responsible for working with clients to assess and identify the potential risks that may hinder the Confidentiality, Integrity or Availability of the client’s assets, growth or reputation. The role of the Risk Management Consultant within the GRCP Domain provides a broad range of services to address the information security, risk and compliance needs of our clients on an individual, case-by-case basis. Our Risk Management Consultants help clients identify vulnerabilities and assess real business risk, meet PCI, HIPAA, GLBA, FISMA, ISO 27002 and other security compliance mandates, develop security and governance programs that fit a client’s environment, and help them mitigate and (as necessary), recover from a cybersecurity event.

Responsibilities: Work with auditors and technical subject matter experts to satisfy internal and external audit requirements and GRC-specific mandates, and to further identify and implement opportunities for automation or efficiencies to improve governance/audit controls within a client organization.

  • Establish and oversee formal risk analysis and self-assessments program for various Information Services systems and processes.

  • Help ensure compliance with GRC-specific mandates based on business infrastructure sector or industry directives relating to client operations.

  • Establish and oversee a formal vulnerability and testing program.

  • Liaise with Internal Audit, Corporate Compliance, Office of General Counsel and Risk Management to remediate new and outstanding issues; track security-related issues in the electronic GRC system.

  • Oversee and/or enforce security Policies, Practices, Procedures & Controls between client and all contractor parties based on defined SLA and SOW.

  • Ensure policies are reviewed and updated on a regular schedule.

  • Promote and monitor corporate Cyber Security awareness initiatives.

  • Develop, promote and monitor the training and indoctrination of Security Risk Management, GRCP and Security Awareness by working with business units to ensure data is properly classified and (where applicable), applications are appropriately monitored for risk.

  • Maintain expertise on security trends through training, research and development in order to mitigate potential security exposures.

  • Advanced knowledge surrounding a security-specific area of focus

  • (UEBA, IDS, Forensics, AppSec, OWASP, data analytics).

  • Ability to travel between 25% and 50% of the work period, as directed.

  • As needed, manage, coach, lead and develop a small staff of GRC personnel.

  • Train other staff and external clients as necessary.

Required Skills: - Ability to work independently with or without direction and/or supervision.

  • Ability to prioritize and multitask. Flexibility and adaptability in work approach.

  • Calmness and clarity of thought under pressure and ability to maintain confidentially.

  • Strong written and verbal communication skills.

  • Demonstrated leader with team-oriented interpersonal skills

  • Ability to effectively interface with a broad range of people and roles (e.g., QA, DevOps, Auditing, Scheduling).

  • Understand how to affect change in modifying an SDLC toward a “Shift-left” methodology.

  • Manage schedules, development tasks and SDLC methodologies where Security issues may apply.

Qualifications: - In-depth understanding of industry security frameworks.

  • Advanced knowledge of risk assessment design and delivery.

  • A bachelor’s degree or related Professional Certifications (CISSP, CISA, CISM, ITIL, ISO 27k, GDPR).

  • Graduate degree in a related discipline is preferred.

  • Proven work history of at least five years in a GRCP or Risk Management-related role is required.

  • Knowledgeable of governance, risk and compliance systems and how to design a GRC framework.

Location : Anywhere in the USA with travel expectations.

Please note we are not hiring any candidates that require H1B or work visa assistance or permits.

Job: Infrastructure

Organization: CIS US PandC

Title: Sr Secruity Consultant

Location: TX-Irving

Requisition ID: 037588

Other Locations: US-SC-Columbia, US-Maryland, US-Arizona, US-Washington, US-GA-Atlanta, US-NY-New York, US-IL-Chicago