Global Information Security Manager

About Us

Joining Capco means joining an organisation that is committed to an inclusive working environment where you are encouraged to #BeYourselfAtWork. We celebrate individuality and recognize that diversity and inclusion, in all forms, is critical to success. It is important to us that we recruit and develop as diverse a range of talent as we can. We believe that everyone brings something different to the table – so we would love to know what makes you different.

Capco is a global technology and business consultancy, focused on the financial services sector. We are passionate about helping our clients succeed in an ever-changing industry. 

We are/have:

• Experts in banking and payments, capital markets and wealth and asset management
• Deep knowledge in financial services offering, including e.g. Finance, Risk and Compliance, Financial Crime, Core Banking etc.
• Committed to growing our business and hiring the best talent to help us get there

• Focus on maintaining our nimble, agile, and entrepreneurial culture

This role is within the Global Information Security department within Corporate Services (non-client facing). You will be joining an existing Information Security team, as a Global Information Security Manager. The team manages Information Security across the group globally.

About the role

This is a key role within the Global Information Security team and will report to the Global Chief Information Security Officer. 

As an Information Security Manager, you will get involved in all aspects of Information Security. You will support the Global CISO and the Global Information Security team in creating, setting and ensuring adherence to Capco business and Information Security strategies. The strategy’s purpose encompass how we protect our business from security threats and vulnerabilities and, in addition, ensures client contracts, bids and contracted services effectively meet our security obligations.

Activities will include ensuring security threats and identified risks are managed, consulting on information security issues, monitoring compliance to information security policies, responding to client presale requirements, supplier and business assurance and championing the standards across the group globally.

The role’s location and working model is flexible. It can be remote, hybrid or on-site (Edinburgh or London).

Key Responsibilities

• Influencing the Capco information security policy framework, security processes and improvement programmes.
• Owning specific improvement projects, in-line with the improvement programme.
• Ensuring adherence, across the whole business, to Global polices and standard methods and approaches to ensure services comply with the relevant, current security standards and protocols.
• Supporting the effective monitoring and reporting of all business areas to manage information security vulnerabilities and threats within the global infrastructure and network environments.
• Lead incident management and resolution as required as well as identify and delivery areas of improvement.
• Perform supplier assurance to minimise the supplier risk to Capco, in line with the Information Security Management System.
• Support Information Security contributions to presales ensuring they are aligned to the information security policy framework.
• Manages day-to-day operational matters within the Global Information Security team.

Essential Skills

• The Global Information Security Manager is a recognised information security professional with broad Information Security experience across the key aspects of the role.
• Experience of working in multi-site, complex, IT outsourcing or professional service organisations, ideally within Financial Services.
• Effective people management skills with the ability to indirectly influence others.
• Experience of working with Group colleagues to find resolutions and mitigate security related threats and risks.
• Experience of key security domains; security architecture, supplier risk management, governance, application security, incident management, vulnerability management, network and data security, security operations (SIEM, endpoint, DLP).
• Understanding of the regulatory and audit requirements with respect to information security and privacy issues.
• Understanding and experience applying of one or more security industry frameworks E.g. ISO27001, SSAE 18 (SOC2), NIST.
• Proficiency in time management, communications, decision making, presentation and organizational skills.
• Good decision-making and problem-solving skills.
• Good verbal and written communication skills to technical and non-technical audiences.
• High impact communication, influencing and presentation skills.
• A passion for technology and security safeguarding with a desire to deliver.
• Thrives on change, showing an impressive ability to respond to the changing needs of the business and information security.

Educated to degree level or equivalent combination of education, training, or work experience. CISSP, CISA, CSM GSEC, CCNE, or other security or network certifications desired but not essential.

Why join Capco

We offer:

• A work culture focused on innovation and creating lasting value for our clients and employees
• Ongoing learning opportunities to help you acquire new skills or deepen existing expertise
• A diverse, inclusive, meritocratic culture
• Capco offers a very attractive remuneration and benefits in line with your level of experience