Managing Consultant – Cybersecurity (Cloud and DevOps) – Financial Services
Who you’ll be working with
Capgemini Consulting is the global strategy and transformation consulting organisation of the Capgemini Group, specialising in advising and supporting enterprises in significant transformation, from innovative strategy to execution and with an unstinting focus on results. With the new digital economy creating significant disruptions and opportunities, our global team of over 3,600 talented individuals work with leading companies and governments to master Digital Transformation, drawing on our understanding of the digital economy and our leadership in business transformation and organisational change.
In the financial services sector, Capgemini helps banks and insurance companies re-shape their business models and operations, adopting new technology innovations such as cloud, big data and mobility to make their operations more efficient and provide improved customer experience that satisfies “millennials” and long-standing customers alike.
Main Purpose Of Role
Our Cybersecurity practice help our customers protect their digital assets and technology enabled business processes in order to reduce business value at risk, ensure compliance with regulations and build trust with customers and stakeholder. We do this by deploying experts to evaluate cyber risks, redesign their security operating models, run programmes to drive security culture change amongst their people, embed security controls into their processes and deploy technical security solutions.
As our financial services clients shift to cloud based infrastructure and adopt new IT operating models that incorporate Agile and DevOps techniques, you will help our clients rethink and rework their security and compliance regimes to make them efficient and effective.
Additionally you will be a major contributor to Capgemini’s Cybersecurity offer, in close collaboration with our Capgemini UK IT security practices.
As a Managing Consultant, you’ll lead the development of domain expertise and methods in areas of consulting capability and / or industry or sector knowledge. Managing Consultants are mentors in the business and key points of contact for clients. You’ll manage projects without daily oversight from Principals or VPs, and be at the forefront of identifying new sell-on opportunities within accounts to which you deliver.
You will work on the pursuit and delivery of consulting services assisting our financial services clients incorporate security best practice into their Cloud and DevOps/Agile environment by:
• Developing new security strategies to manage emerging risks in cloud & agile/DevOps operating environments;
• Developing new policies and procedures to address these emerging risks such as Security blueprints, Secure Frameworks, Secure coding standards and Common Security Services/APIs;
• Devising transformations plans for their security and compliance processes to incorporate revised strategies; and
• Managing the transition to revised security and compliance processes including evangelising and orchestrating the changes and educating client teams.
You will have a strong desire to be part of, and contribute to, the growth and success of a top-tier consulting practice, contributing to our offers, our knowledge and our overall strategic goals.
Skills and Experience
You’ll bring experience of proven delivery success in the Cybersecurity space, particularly in the areas of IT security policy, IT security architecture, IT security processes and IT security strategies and also demonstrate management consulting competencies such as people and change management, programme management, business process design, transformation and employee processes.
You will be competent and experienced in the following:
• Cybersecurity best practice such as:
o Security Strategy and Target Operating Model;
o Security Maturity Model, health assessments, and privacy impact assessments;
o Governance, risk and compliance (GRC) assessment and recommendations;
o Standards (i.e. ISF Standards of Good Practise, ISO 27001/2, HMG Security Policy Framework, PCI-DSS, PASS 555, COBIT, NIST;)
o Security Architecture
• Security considerations in Cloud and DevOps tools and techniques such as:
o Process & design – SDLC/DevOps, Change Control, Security Operations
o Automation/configuration management using Puppet, Ansible or equivalent
o Cloud based technologies and infrastructure design, including AWS technologies
o Code and script such as PHP, Python, Perl and/or Ruby
o Service infrastructure design ideally in high volume consumer facing environments. E.g. CloudFormation, VPC
o Open source software within a Linux platform using continuous integration methodologies, tooling and techniques. E.g. Jenkins, Boto
You will also have one or more security qualifications such a Masters in Information Security or a certification in security management (e.g. CISM, CISA, GSLC, CISSP or similar)
You’ll be keen to work within an ambitious consulting environment, where you’ll want to contribute to our growth and success; contributing to our offers, our knowledge and our overall strategic goals. Our business culture is collaborative and supportive – we place a large emphasis on developing the careers of our team and supporting each other across the practice, where team players bring a passion for transforming business through enabling technology. You’ll also bring excellent communication skills and the confidence to influence senior stakeholders.