Cybersecurity SME

At Capgemini Invent, we believe difference drives change. As inventive transformation consultants, we blend our strategic, creative and scientific capabilities,collaborating closely with clients to deliver cutting-edge solutions. Join us to drive transformation tailored to our client's challenges of today and tomorrow.Informed and validated by science and data. Superpowered by creativity and design. All underpinned by technology created with purpose.

 Your role 

Work closely with vendors, platform teams and subject matter experts (SMEs) where necessary in order to drive out architectural decisions, design statements and exceptions.

Take the lead on solving security challenges and issues where the problem scenario is not covered by a pattern, standard or existing strategy.

Surface strategic and architectural decisions through the approved governance or oversight channels as defined by the banks operating model.

Where embedded within a project, act as a primary resource ensuring commitment to attend all appropriate calls and meetings in order to provide the level of support required.

Acts as a buffer between the speed of continuous integration and the need for strategic security and managing overall business and security risks

Act as the first point of contact for IT Security questions and queries

Participate in IT Security engagement activities (e.g. risk assessment and threat modelling sessions, security risk review etc.);

Identify security risks as they arise, communicate it as appropriate and ensure relevant stakeholders are involved for the adequate mitigation or remediation

Provide guidance to the teams and stakeholders of IT Security by referring to policies and standards

Promote the adoption of security tooling in line with the development lifecycle and HSBC approved toolset;

Identify and make recommendations geared at increasing teams velocity through self-sufficiency in terms of IT Security

Educate teams in terms of their security capabilities

Identify, engage and establish relationships with key stakeholders

Assess Dev team IT Security profile, controls, and level of engagement

Provide advice and guidance to relevant stakeholders about the IT Security engagement model improvement

 Your profile 

Industry recognised Information Security and Cyber Security qualifications is essential e.g. CISSP, CISA, OSCP, GIAC GPEN, GIAC GMOB

Strong understanding of security industry trends, hot topics, commercial and vendor capability awareness

Strong understanding of the security threat landscape, awareness of major historical and recent vulnerabilities, awareness of security industry responses to significant threats

Strong understanding of Zero Trust security including detailed knowledge of concepts, industry whitepapers and practical implementations

Educated to degree level desirable but not essential

Experience supporting major programmes and other project based activities

Security Architecture or Security Solution Architecture experience

Experience in creating, reviewing and approving security designs

Experience with collaboration and knowledge management tools such as SharePoint, Teams, Confluence and JIRA

Hands on experience in working with DevOps and Agile teams following a secure software development lifecycle. Should be able to provide hands on leadership in improving automation and incorporating security as part of the CI/CD pipeline.

Good to have experience in application risk assessment, threat modelling.

Work closely with delivery teams to develop and monitor security risk remediation programme activities and actions to ensure delivery within acceptable timelines

Proficient in application security review of Web, Mobile (Android and iOS), and API etc.

Ability to assess and identify any possible vulnerabilities in technology being developed prior to implementation

Good at application Security Testing like SAST, DAST and MAST experienced in web application, API Security, and mobile application security testing in conformance to various industry standards like OWASP top 10, SANS top 25 etc.

 What you will love about working here 

We recognize the significance of flexible work arrangements to provide support. Be it remote work, or flexible work hours, you will get an environment to maintain healthy work life balance.

At the heart of our mission is your career growth. Our array of career growth programs and diverse professions are crafted to support you in exploring a world of opportunities.

Equip yourself with valuable certifications in the latest technologies such as Generative AI.