Capgemini Manager, Cyber Security Services & Operations (GRCP) in Irving, Texas
Job Summary: This position is responsible for oversight, development and coordination of the Governance, Risk and Compliance program with client’s Cyber Security initiatives at the senior level. This position is responsible for working with senior managers and executive sponsors within our client organizations to define, classify and mitigate vulnerabilities and assess client-specific and sector-specific business risks, meet GRC-defined mandates (e.g., GDPR, PCI, HIPAA, GLBA, FISMA, ISO 27k, etc.), and other security compliance directives.
Responsibilities: Directly responsible for Policies, Procedures & Controls to assure both Governance as well as Compliance with applicable regulatory and legal requirements in balance with client’s level of Risk Exposure.
Establish and oversee a formal risk analysis and self-assessment program for various Information Services systems and processes.
Work with executive sponsors, or serve as proxy CSO/CISO to provide an Executive level perspective of how to build and support a comprehensive cybersecurity program and how to measure “success” of the program for reporting to the Board and other Executives.
Enforce policies (as directed by the client or developed based on SOW/SLA/MSA) to ensure compliance with GRC-specific mandates based on business infrastructure sector or industry directives relating to client operations.
Establish and oversee a formal vulnerability and testing program.
Liaise with Internal Audit, Corporate Compliance, Office of General Counsel and Risk Management to remediate new and outstanding issues; track security-related issues in the electronic GRC system.
Oversee and/or enforce security Policies, Practices, Procedures & Controls between client and all contractor parties based on defined SLA and SOW.
Ensure policies are reviewed and updated on a regular schedule.
Promote and monitor our corporate-wide IS Security awareness program.
Develop, promote and monitor the training and indoctrination of Security Risk Management, GRCP and Security Awareness by working with business units to ensure data is properly classified and, where applicable, applications are appropriately monitored for risk.
Maintain expertise on security trends through training, research and development in order to mitigate potential security exposures.
As needed, manage, coach, lead and develop a small staff of GRC personnel.
Train other staff and external clients as necessary.
Required Skills: Ability to work independently with or without direction and/or supervision.
Ability to prioritize and multitask. Flexibility and adaptability in work approach.
Calmness and clarity of thought under pressure and ability to maintain confidentiality.
Strong written and verbal communication skills.
Demonstrated leader with team-oriented interpersonal skills.
Ability to effectively interface with a broad range of people and roles.
Accept responsibility and personal accountability.
Manage schedules, development tasks and SDLC methodologies where Security issues may apply.
Qualifications: In-depth understanding of industry security frameworks.
Advanced knowledge of risk assessment design and delivery.
A Master’s Degree or multiple related Professional Certifications (CISSP, CISM, GIAC).
Proven work history of at least eight to ten years in a GRCP or Risk Management-related role is required.
Knowledge of governance, risk and compliance systems and how to design a GRC framework.
Location: Anywhere in the USA with travel expectations.
Please note we are not hiring any candidates that require H1B or work visa assistance or permits.
Organization: CIS US PandC
Title: Manager, Cyber Security Services & Operations (GRCP)
Requisition ID: 036063
Other Locations: US-SC-Columbia, US-Maryland, US-Arizona, US-Washington, US-GA-Atlanta, US-NY-New York, US-IL-Chicago