GRC (Governance, Risk, Compliance) Consultant
Miejsce pracy: Kraków
Other possible locations are: Katowice, Opole, Lublin.
Desired Skills and Experience:
- Knowledge of ISO 9001, ISO 20000, ISO 27001 and PCI-DSS and of the global data security regulatory environment
- Proficiency in performing risk, business impact, control and vulnerability assessments using manual or automated tools
- Strong written and oral communication skills
- Organized, responsive and highly thorough problem solver
- Bachelor’s degree (or above) of computer science, network engineering, or relevant security-related experience
- Ability to research and interpret new rules and regulations
- Having one of the following certifications is helpful, but not required: CISA, CISSP, CRISC, CISM, or PCI-DSS ISA
As a Security GRC (Governance, Risk, Compliance) Specialist, your role is important in helping Capgemini uphold its commitment to compliance and security leadership with our customers. We’re looking for someone with a drive for excellence, adherence to compliance, and a demonstrable passion for security – if you have a favorite security principle we’d love to talk to you!
Typical tasks and responsibilities for this security specialist are:
- Ensure that compliance requirements and IT risk management are fulfilled in service operations
- Ensure and maintain security requirements in the services, technical infrastructure and ways of working
- Establish and maintain a governance framework for compliance and control of internal, customer, and international requirements (ISO 27001, PCI DSS, etc.)
- Able to manage both an internal and external audit function for customers and external audits both as a solo auditor and as an audit team leader
- Provide assistance and guidance to management and staff regarding compliance issues, firm policies and procedures, and industry regulations
- Track security and compliance-related KPIs and metrics, and assist with reporting on those metrics to senior management
- Function under minimal direction and guided by specific objectives or statements from contracts and SOW, contract deliverables, and outcome metrics
- Perform other compliance-related tasks as assigned
By joining us you will become a part of independent team of professionals focusing on results in dynamic, fast paced projects environment, specifically in area of GRC/Security.
We promise you will never be bored with monotonic, day to day operational tasks. Instead, you will be tackling challenges requiring analytical and creative thinking. Our strategy assumes growth through which we will bring an accessible set of consulting skills to the market. We strive for our consultants to be well balanced between business and technology areas.
Being part of us is a steep learning curve but also a lot of fun deriving from the culture of our team. Oh, and did we mention the travelling to collaborate with our partners from around the world? Here’s a thought, if you think you’ve got what it takes and are equally excited about technology, we should at least have a chat.
What we offer?
- Working in a close-knit team and a friendly atmosphere
- Development of expert or leader competences
- Bonuses, including those for recommending new employees
- A wide range of training and co-financing of courses
- Possibility to work from home
- Packages to facilitate relocation
- Attractive package of additional benefits (fitness, gym, cinema, etc.) – you choose what you want
- Integration events and joint celebrations
- An annual family picnic
- Employee volunteering opportunities and interesting CSR projects
- Additional life insurance
- Disability inclusion Assistive technologies Reasonable accommodations
- Private medical care, also for your family
- Carpooling and bicycle parking
Capgemini is one of the leading global companies offering consulting, The Cloud is fashionable - everyone’s talking about it, many use it, but few knows what it consists of, how it works, how to access it, and how to take care of it.
It is us, Cloud Infrastructure Services, who understand the subject thoroughly. From high level services,through managing equipment and operating systems, internal or access networks tomanaging applications, IT operations, availability, configurations, and changes. By working in an international environment… we use a number of foreign languages.