Cybersecurity Compliance Analyst (SASE/GRC)

Choose a partner with intimate knowledge of your industry and first-hand experience of defining its future.Select your locationSelect your locationIndustriesChoose a partner with intimate knowledge of your industry and first-hand experience of defining its future.Inverness# Cybersecurity Compliance Analyst (SASE/GRC)## About the role you’re consideringWith incidents of cyber-crime frequently in the news, our clients are increasing conscious of the need to protect their systems and data. Our Protective Monitoring service allows our customers to monitor, detect and respond to cyber threats and safeguard their valuable assets, ensuring peace of mind in an increasingly digital landscape.Successful candidates will leverage their existing experience with monitoring technologies, predominantly SASE systems and security automation tools, to enhance our cybersecurity measures. This role offers the opportunity to further develop and apply advanced skills and expertise in a rapidly Compliance and GRC field, contributing to our proactive defence strategies.Hybrid working: The places that you work from day to day will vary according to your role, your needs, and those of the business; it will be a blend of Company offices, client sites, and your home; noting that you will be unable to work at home 100% of the time.## **Your Role**The Cybersecurity Compliance Analyst (SASE/GRC) will audit and report to the account security manager on the SSE services ensuring that they are performing security services.They will:* Continuously monitor SASE security services (Security Service Edge) and assess and report compliance.* Undertaking scheduled compliance checks in line with the Audit and Compliance Activity plan and continuously identifying processes that require new compliance checks to be initiated, following through with those activities.* Supporting the ISMS Manager to plan and co-ordinate internal and supplier audits, track remediation of Non-conformities, and facilitate audits conducted by external auditors.* Maintenance of process documentation and tracking of the Security team’s obligations to identify any gaps and ensure progression is made.* Assess and report compliance activities as part of monitoring and auditing processesYou can bring your whole self to work. At Capgemini, striving for equity, diversity and inclusion is part of everyday life, and will be part of your working reality. We have built an inclusive and welcoming environment, for everyone.## **Your skills and experience*** ISO 27001 Lead Auditor or equivalent GRC and auditing experience, including managing non-conformities through to completion.* Professional experience in SOC tooling such as SIEM and Endpoint services (Splunk, Microsoft Sentinel, Defender for Endpoint etc).* Relevant industry certifications (e.g., Fortinet, Zscaler, Palo Alto) and strong understanding of network and endpoint security, firewalls, intrusion detection/prevention systems (IDS/IPS).* Strong analytical and problem-solving skills with knowledge of security best practices and concepts.* Comprehensive expertise across SOC tooling, network and endpoint security, and auditing aligned with ISO 27001 standards.**Accountable to**You will be accountable to the Account Security ManagerCapgemini is proud to be under the UK Government’s Disability Confident scheme.As part of our commitment to inclusive recruitment, we will offer an interview to all candidates who:Declare they have a disability, andMeet the minimum essential criteria for the role.**Please opt in during the application process.**To be successfully appointed to this role, it is a requirement to obtain Security Clearance (SC) and National Police Personnel Vetting (NPPV) to level 3. To obtain SC clearance, the successful applicant must have resided continuously within the United Kingdom for the last 5 years, along with other criteria and requirements.Throughout the recruitment process, you will be asked questions about your security clearance eligibility such as, but not limited to, country of residence and nationality. Some posts are restricted to sole UK Nationals for security reasons; therefore, you may be asked about your citizenship in the application process.You’d be joining an accredited Great Place to work for Wellbeing in 2024. Employee wellbeing is vitally important to us as an organisation. We see a healthy and happy workforce a critical component for us to achieve our organisational ambitions.To help support wellbeing we have trained ‘Mental Health Champions’ across each of our business areas, and we have invested in wellbeing apps such as Thrive and Peppy.You will be joining one of the World’s Most Ethical Companies, as recognised by Ethisphere for 13 consecutive years. We live our values by making ethical business choices every day. Working ethically is at the centre of our culture at Capgemini, meaning you will be helping to create a future we can all be proud of.You will reimagine what’s possible: creating value for the world’s leading organisations through technology to build a sustainable, more inclusive future. You will work with a range of clients all with a unique set of business, technological and societal ambitions, which will make a real impact across the UK.Capgemini. Make it real.## **Why you should consider Capgemini**Growing clients’ businesses while building a more sustainable, more inclusive future is a tough ask. When you join Capgemini, you’ll join a thriving company and become part of a collective of free-thinkers, entrepreneurs and industry experts. We find new ways technology can help us reimagine what’s possible. It’s why, together, we seek out opportunities that will transform the world’s leading businesses, and it’s how you’ll gain the experiences and connections you need to shape your future. By learning from each other every day, sharing knowledge, and always pushing yourself to do better, you’ll build the skills you want. You’ll use your skills to help our clients leverage technology to innovate and grow their business. So, it might not always be easy, but making the world a better place rarely is.## Job Description - Grade SpecificResponsible for single region, single service client delivery.Standard compliance demands like IS27001Experience levelExperienced ProfessionalsLocationInvernessProfessional communitiesCybersecurity