Information Security Consultant
WHAT MAKES US DIFFERENT?
We are a global technology and management consultancy firm focused on financial services. Our professionals combine innovative thinking with unrivalled industry knowledge to offer clients consulting expertise, complex technology and package integration, transformation delivery, and managed services, to move their organizations forward.
We promote a ﬂat, non-hierarchical structure that will enable you to work on projects with senior partners and directly with clients
WHY WORK FOR CAPCO?
When you join Capco, you will work on engaging projects with some of the largest banks in the world, projects that will transform the financial services industry. We offer you opportunities for ongoing learning, a culture that’s a true meritocracy and the freedom to be your authentic self at work.
As we grow, you will grow, and you can add value and make an impact right away.
» A work culture focused on innovation and creating lasting value for our clients.
» Ongoing learning opportunities to help you acquire new skills or broaden and deepen existing expertise.
» Our Capco Schools and leadership development programs are the heart of our global learning experience.
» A ﬂat, non-hierarchical structure that will enable you to work on projects with senior partners and directly with clients.
» Potential opportunities to work in other locations and practice areas.
» An environment where work, leisure, social and professional life are in balance.
» A diverse, inclusive, meritocratic and international culture.
LET’S GET DOWN TO BUSINESS
The key role as Information Security Consultant is to deliver specific high added value information security and business advices to the clients no matter the industry (banking, healthcare, utilities), to design complex solutions and to guide the implementation of these solutions. More specifically you will:
- Commit to following objectives: enable the extended enterprise, counter cybercrime, protect information systems (on-prem/cloud) and manage information security risks
- Develop and conduct information security audits (gap analysis, maturity analysis) and risk assessments (at process, information system, data, cloud and cybersecurity levels)
- Develop and conduct threat analysis, identify and prioritize threats, execute threat modelling, identify counter-measures (existing or missing ones), operate and populate a threat knowledge management tool, …
- Commit to a Data Privacy Impact Assessments (DPIA)
- Commit to a pentesting and analyze the results
- Responsible for the development and implementation of global security policy (strategic and tactical), standards and guidelines on information security for various industries
- Organise the interaction with teams in and outside your domain. You align stakeholders within all levels of the organisation, from CIO to engineers and from product owners to internal users
- Elaborate and follow-up a corrective action plan
- Enable sound and formal information security risk decision making by management
- Generate reports and share necessary information with appropriate stakeholders
- Collect and share with the clients - and CAPCO - cyber threat intelligence information/data
- Maintain core security controls by using threat intelligence data to adapt posture to threats
- Coordinate and advise in the event of security incidents and, if necessary, take action in the event of calamities.
- Establish and initiate information security awareness programs and advise on information and training of users in the correct handling of information (systems).
SHOW US WHAT YOU’VE GOT
Definitely show us:
- Strong interest in all fields of information security (legal/compliance, technical/ICT and business/human)
- At least 2 to 3 years of experience, and expertise within the domain of Information or Cyber Security
- Being able to work and liaise with various stakeholders, ranging from very technical to very non-technical
- Preference for transversal and coordinating roles
- Excellent analytical, reporting and presentation skills
- Fluency in English and French or Dutch
Good to show us:
- Knowledge of, experience with security standards e.g.: ISO 27k-series, 22301, CSA, NIST, PCI DSS
- Knowledge of applicable legal & regulatory frameworks, local & European, general & industry-specific
- Experience with governance frameworks, ISMS, implementing guidelines & policies, training & awareness
- Experience with IAM, BCP/DPR, cryptography, anonymization techniques, privacy & risk assessments, audits
- Qualifications, certifications pertinent to Information or Cyber Security
- Concrete experience, qualifications, certifications as a project manager, process manager or business analyst
NOW TAKE THE NEXT STEP
If you are looking forward taking your career to the next step, we are looking forward receiving your application.
If you are looking for a new challenge in Financial Services and you want to learn more, want to grow more, get recognized more and contribute more, then what are you waiting for?
Life comes down to a few key moments: this is one of them.
Something looks off?