System Security Engineer

About Capgemini

Capgemini is a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fueled by its market leading capabilities in AI, generative AI, cloud and data, combined with its deep industry expertise and partner ecosystem. The Group reported 2024 global revenues of €22.1 billion

Job Description

Provide security expertise and management services to support Authority in activities such as:
• Internal/external audits (IM8, Cybersecurity, etc)
• Policies compliance (IM8, Cybersecurity, etc), work with vendor on:

- Vulnerability management compliance reports and patch reports
- Filing of documents and Security Scorecard for audit purpose, to produce it as required
- Monthly logs review. e.g., privilege user activities
- Vulnerability/ Compliance Assessments
- Penetration Tests and Source Code Reviews

• Disaster Recovery (DR) and Business Continuity Planning (BCP):

- All relevant activities related to the DR and BCP planning
- Checks on system backup completion by vendor and datacentre
- Document update and implementations.

• ICT/Threat Risk Assessments (TRA)
• Monthly reviews of privileged accounts and non-privileged account, disable inactive accounts
• Seek security waivers (IM8, Cybersecurity Act, Circulars etc)
• Circulate security notifications/alerts to vendors and ensure status updates too all stakeholders including cybersecurity centre
• Security monitoring/tracking:

- Monitor alerts from SOC
- Update stakeholders regarding SOC alerts
- Review compliance reports with vendors to ensure that system is compliant
- Manage, track and update any security incidents/ issues to all stakeholders
- Review Incident Report (if any)

• Patching:

- Ensure patches are tested and verified before seeking approval for patching downtime
- Communicate system downtime to all stakeholders
- Ensure system availability after patching is completed

• Obsolescence management for software licenses, hardware, operating systems and certificates
• Security enhancement/integration
• Support the submission of security clearance for related vendors
• Perform other related duties as assigned or requested

Job Requirement

• Diploma or Bachelor’s Degree in Cybersecurity/InfoSec/Information Technology/Information Systems/Business IT or its equivalent
• Relevant professional certifications, such as CISSP, CISM, CEH, or other security certifications
• Minimally 1-2 years of experience in cybersecurity and supporting mission critical systems with very stringent SLA e.g. 99.9%
• Well-versed in cybersecurity best practices and establishing of its policies
• Well-versed in IT Service Management (ITSM) standards, processes, guidelines and best practices
• Able to cope in a highly pressured fast-paced environment
• Prior working experience in cyber security and vulnerability management is preferred
• Strong knowledge of security principles, best practices, and industry standards, such as NIST, ISO 27001, and CIS Critical Security Controls
• Able to understand security posture of systems
• Prior working experience in Project Management is a plus point
• Able to understand the system and software architecture, and user operations environment
• Willingness to pick up any new technologies

Let's talk about what's in it for you!

Passionate people are Capgemini's Ace of Spades - join us to discover a career that will challenge, support and inspire you. Working at Capgemini you'll find the rewards are more than just financial. You will work alongside some very smart and inspiring people on exciting projects and you will also enjoy incredible benefits. We offer flexible work practices and 40 hours of self-development every year with a huge selection of learning opportunities to choose from.

As "Architects of Positive Futures", Capgemini actively supports the community in 3 ways:

Diversity and Inclusion - we believe diversity of thought fuels excellence and innovation, which is why we positively encourage applications from suitably qualified candidates regardless of their gender identity, ethnicity, sexual orientation, religion, ability, intersex status or age. To support our commitment to diversity and inclusion, we celebrate special events and days of significance that are important to our employees such as Diwali, Bastille Day, Pride, IDAHOBIT, IWD and International day of people with Disabilities. Our Employee Resource Groups Women@Capgemini and OutFront support the grassroots passion of employees to drive our diversity agenda and effect change.

Digital inclusion - at Capgemini we are using our skills to drive social impact initiatives focusing on helping society address the impact of the digital and automation revolution. We also provide employees with opportunities to give back to the community through charity projects and volunteer days.

Environmental Sustainability - Capgemini joined the CDP's (Carbon Disclosure Project) prestigious "A list" for its commitment to the Net-Zero economy. We are focusing on helping our clients transform towards more sustainable business models and committing to reduce our own carbon emissions (GHG) by 20% per employee by 2020.

Recognized by Ethisphere as one of the World's Most Ethical Companies for the last 8 years in a row, ethics and values are at the heart of Capgemini's corporate culture and business. Embedded in our DNA, our seven values - Honesty, Boldness, Trust, Team Spirit, Freedom, Fun and Modesty - have remained the same since company inception in 1967. To see how we bring these values to life, click here to listen to some of our employee’s stories.

Come join us, bring your whole self to work, create new possibilities for you, your customers and your community and help us to be Architects of Positive Futures.

About Capgemini

Capgemini is a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fueled by its market leading capabilities in AI, generative AI, cloud and data, combined with its deep industry expertise and partner ecosystem. The Group reported 2024 global revenues of €22.1 billion

Job Description

Provide security expertise and management services to support Authority in activities such as:
• Internal/external audits (IM8, Cybersecurity, etc)
• Policies compliance (IM8, Cybersecurity, etc), work with vendor on:

- Vulnerability management compliance reports and patch reports
- Filing of documents and Security Scorecard for audit purpose, to produce it as required
- Monthly logs review. e.g., privilege user activities
- Vulnerability/ Compliance Assessments
- Penetration Tests and Source Code Reviews

• Disaster Recovery (DR) and Business Continuity Planning (BCP):

- All relevant activities related to the DR and BCP planning
- Checks on system backup completion by vendor and datacentre
- Document update and implementations.

• ICT/Threat Risk Assessments (TRA)
• Monthly reviews of privileged accounts and non-privileged account, disable inactive accounts
• Seek security waivers (IM8, Cybersecurity Act, Circulars etc)
• Circulate security notifications/alerts to vendors and ensure status updates too all stakeholders including cybersecurity centre
• Security monitoring/tracking:

- Monitor alerts from SOC
- Update stakeholders regarding SOC alerts
- Review compliance reports with vendors to ensure that system is compliant
- Manage, track and update any security incidents/ issues to all stakeholders
- Review Incident Report (if any)

• Patching:

- Ensure patches are tested and verified before seeking approval for patching downtime
- Communicate system downtime to all stakeholders
- Ensure system availability after patching is completed

• Obsolescence management for software licenses, hardware, operating systems and certificates
• Security enhancement/integration
• Support the submission of security clearance for related vendors
• Perform other related duties as assigned or requested

Job Requirement

• Diploma or Bachelor’s Degree in Cybersecurity/InfoSec/Information Technology/Information Systems/Business IT or its equivalent
• Relevant professional certifications, such as CISSP, CISM, CEH, or other security certifications
• Minimally 1-2 years of experience in cybersecurity and supporting mission critical systems with very stringent SLA e.g. 99.9%
• Well-versed in cybersecurity best practices and establishing of its policies
• Well-versed in IT Service Management (ITSM) standards, processes, guidelines and best practices
• Able to cope in a highly pressured fast-paced environment
• Prior working experience in cyber security and vulnerability management is preferred
• Strong knowledge of security principles, best practices, and industry standards, such as NIST, ISO 27001, and CIS Critical Security Controls
• Able to understand security posture of systems
• Prior working experience in Project Management is a plus point
• Able to understand the system and software architecture, and user operations environment
• Willingness to pick up any new technologies

Let's talk about what's in it for you!

Passionate people are Capgemini's Ace of Spades - join us to discover a career that will challenge, support and inspire you. Working at Capgemini you'll find the rewards are more than just financial. You will work alongside some very smart and inspiring people on exciting projects and you will also enjoy incredible benefits. We offer flexible work practices and 40 hours of self-development every year with a huge selection of learning opportunities to choose from.

As "Architects of Positive Futures", Capgemini actively supports the community in 3 ways:

Diversity and Inclusion - we believe diversity of thought fuels excellence and innovation, which is why we positively encourage applications from suitably qualified candidates regardless of their gender identity, ethnicity, sexual orientation, religion, ability, intersex status or age. To support our commitment to diversity and inclusion, we celebrate special events and days of significance that are important to our employees such as Diwali, Bastille Day, Pride, IDAHOBIT, IWD and International day of people with Disabilities. Our Employee Resource Groups Women@Capgemini and OutFront support the grassroots passion of employees to drive our diversity agenda and effect change.

Digital inclusion - at Capgemini we are using our skills to drive social impact initiatives focusing on helping society address the impact of the digital and automation revolution. We also provide employees with opportunities to give back to the community through charity projects and volunteer days.

Environmental Sustainability - Capgemini joined the CDP's (Carbon Disclosure Project) prestigious "A list" for its commitment to the Net-Zero economy. We are focusing on helping our clients transform towards more sustainable business models and committing to reduce our own carbon emissions (GHG) by 20% per employee by 2020.

Recognized by Ethisphere as one of the World's Most Ethical Companies for the last 8 years in a row, ethics and values are at the heart of Capgemini's corporate culture and business. Embedded in our DNA, our seven values - Honesty, Boldness, Trust, Team Spirit, Freedom, Fun and Modesty - have remained the same since company inception in 1967. To see how we bring these values to life, click here to listen to some of our employee’s stories.

Come join us, bring your whole self to work, create new possibilities for you, your customers and your community and help us to be Architects of Positive Futures.