Information Security Manager

Joining Capco means joining an organisation that is committed to an inclusive working environment where you’re encouraged to #BeYourselfAtWork. We celebrate individuality and recognize that diversity and inclusion, in all forms, is critical to success. It’s important to us that we recruit and develop as diverse a range of talent as we can and we believe that everyone brings something different to the table – so we’d love to know what makes you different. Such differences may mean we need to make changes to our process to allow you the best possible platform to succeed, and we are happy to cater to any reasonable adjustments you may require. You will find the section to let us know of these at the bottom of your application form or you can mention it directly to your recruiter at any stage and they will be happy to help.

ABOUT CAPCO

Capco is a global technology and business consultancy, focused on the financial services sector. We are passionate about helping our clients succeed in an ever-changing industry.  From day one you will work on engaging projects with some of the largest banks in the world, on projects that will transform the financial services industry.
We are/have:

• Experts in banking and payments, insurance, capital markets and wealth and asset management
• Deep knowledge in financial services offering, including e.g. Finance, Risk and Compliance, Financial Crime, Core Banking etc.
• Committed to growing our business and hiring the best talent to help us get there
• Focus on maintaining our nimble, agile and entrepreneurial culture

This role is within the Global Information Security department within Corporate Services (non-client facing). You will be joining an existing Information Security team, as an Information Security Manager. The team manages Information Security across the group globally.

About the Role

This is a new and key role within the Global Information Security team and will report to the Global Chief Information Security Officer. As an Information Security Manager, you will get involved in all aspects of Information Security. You will support the Global CISO and the Global Information Security team in creating, setting and ensuring adherence to Capco business and Information Security strategies and will lead on the security elements of Capco’s AI and Gen-AI strategies.

Capco’s Information Security strategy’s purpose encompasses how we protect our business from security threats and vulnerabilities and, in addition, ensures client contracts, bids and contracted services effectively meet our security obligations.

Activities will include ensuring security threats and identified risks are managed, consulting on information security issues, monitoring compliance to information security policies, responding to client presale requirements, supplier and business assurance and championing the standards across the group globally. The role’s location and working model is flexible. It can be hybrid or on-site (Edinburgh or London).

Key Responsibilities

• Influencing the Capco Information Security Management System and policy framework, defining security policies, processes and improvement programmes.
• Owning specific improvement projects, in-line with the improvement programme.
• Ensuring adherence, across the whole business, to Global polices and standard methods and approaches to ensure services comply with the relevant, current security standards and protocols.
• Supporting the effective monitoring and reporting of all business areas to manage information security vulnerabilities and threats within the global infrastructure and network environments.
• Support security incident management and resolution as required as well as identify and deliver areas of improvement.
• Support supplier assurance to minimise the supplier risk to Capco, in line with the Information Security Management System.
• Support Information Security contributions to presales ensuring they are aligned to the information security policy framework.
• Support day-to-day operational matters within the Global Information Security team.
• AI and GenAI :
• Develop, implement and monitor compliance with AI-specific security policies and controls to mitigate risks associated with AI and GenAI technologies.
• Stay up to date and ensure compliance with new and evolving regulatory requirements and industry standards for AI.
• Conduct risk assessments and threat modelling for AI systems to identify potential vulnerabilities and risks.
• Monitor and audit AI systems for compliance with security policies and procedures, ensuring transparency and accountability in AI decision-making processes.
• Provide guidance or documentation for internal teams on ethical AI usage, data privacy, and protection measures to prevent biases and ensure fairness in AI applications.
• Collaborate with internal development and IT teams to integrate security best practices throughout the AI development and deployment lifecycle.

Essential Skills

• The Information Security Manager is a recognised information security professional with broad Information Security experience across the key aspects of the role.
• Experience of developing and implementing AI-specific security policies and controls or a keen interest and good working knowledge of information security technical and governance challenges relating to AI and Gen-AI.
• Experience of working in multi-site, complex, IT outsourcing or professional service organisations, ideally within Financial Services.
• Effective people management skills with the ability to indirectly influence others.
• Experience of working with cross-function stakeholders to find resolutions and mitigate security related threats and risks.
• Understanding of the regulatory and audit requirements with respect to information security and privacy issues.
• Proficiency in time management, communications, decision making, presentation and organizational skills.
• Good decision-making and problem-solving skills.
• Good verbal and written communication skills to technical and non-technical audiences.
• High impact communication, influencing and presentation skills.
• A passion for technology and security safeguarding with a desire to deliver and bias for action.
• Thrives on change, showing an impressive ability to respond to the changing needs of the business and information security.
• Educated to degree level or equivalent combination of education, training, or work experience.

WHY JOIN CAPCO?
You will work on engaging projects with some of the largest banks and financial services institutions in the world, on projects that will transform the financial services industry.

We offer:

• A work culture focused on innovation and creating lasting value for our clients and employees
• Ongoing learning opportunities to help you acquire new skills or deepen existing expertise
• A flat, non-hierarchical structure that will enable you to work with senior partners and directly with clients
• A diverse, inclusive, meritocratic culture
• Capco offers a very attractive remuneration and benefits in line with your level of experience

#LI-DNP

#LI-Hybrid