Certified Cybersecurity Experts
We were involved with the IS Strategy, Planning & Portfolio team in three key areas: IT Audits, IS Risk Management and Preparation for Smart metering readiness. We worked to support the mobilization, management and delivery of high-profile IT audits in 2016. This included interfacing and working collaboratively with the partner organization and third party suppliers. The four audits to be delivered for the remainder of this year included Mobile Spend, IT General Controls, Information Governance & Network Security, and Management of 3rd party suppliers. We acted as the primary interface to 3rd party audit teams. This involved a large degree of cross-working across the IS teams and management to align the required resources to support the audits, whether technical, process-related or organizing the structured interviews the auditors wished to conduct.
For IS Risk Management we were required to build and develop on the existing processes. We developed and consistently maintained a high-level Risk Register for the Information Systems. In addition to this, we started the advancement of risk logs, which were at a more operational level of the organization (IS Ops, Security, Service Delivery, Portfolio, etc). We ensured that the client's 3rd party partner's views of key risks, and how these would be addressed by them, were gathered and reviewed. We continued working to produce the monthly risk reporting documents and presentations as guided by the IS Strategy team and ensured the client's risk management system ERC was kept up to date. We reviewed the risks and translated them into plans which fed into the forward planning cycle.
As for the preparation for Smart Metering readiness, we reviewed policies and risks associated with readiness to pass a 'Competent Independent Organization' (CIO) audit. We supported as required in the development of the readiness plan to achieve a successful CIO audit outcome.
Working as a part of the Agile Risk Control transformation program we were responsible for the overall acceptance across the group. As a part of this transformation programme we converted mandatory controls into control stories and safeguarded alignment to the group’s risk framework.
We conducted extensive mapping exercises to ensure that control stories met the group's risk control objectives. We also streamlined the process by identifying relevant controls that are applicable in Agile and DevOps environments. We engaged with all the IT control functions (e.g. IT Security, Testing, Architecture, Infrastructure etc.) to create control stories and mandatory artefacts that were required for the transformation programme.
We also managed the offshore resources who were conducting mapping exercises from a DevOps perspective. These resources were tasked with identifying all of the automated tools within the DevOps environment and how they were configured to meet the group's risk control objectives. We also created a risk story governance process, training materials and guidance on how to incorporate behavior-driven development as an agile practice. As part of the Agile DevOps programme we streamlined multiple Agile frameworks in alignment with the Agile Risk Control programme. We were required to conduct an intensive mapping of over 200 minimum standards and artefacts against control stories and processes for the future state controls. We liaised with multiple stakeholders to ensure the successful completion of this imperative task. In addition to this, we converted the current NFR solution into control stories by streamlining NFR processes, making it easier for the pod teams to execute solutions with minimal interruptions while at the same time complying with the group's control objectives.
We were responsible for supporting the DevOps security management function in the daily running of the Cyber Communities of Practice by reporting and tracking, i.e. updating meeting notes and actions tracked through Confluence and JIRA on a weekly basis. We created and expanded the Communities of Practice through exchanging knowledge and developing the SecDevOps capabilities.
We ensured efforts and experiments driven from the Cyber Communities of Practice aligned with the CSMIP (Cyber Security Maturity Improvement Programme) initiatives through the delivery of automated security process efficiencies to support DevOps. We identified and reported further people and training requirements and supported agile practices. We were responsible for embedding compliant IT Security measures into the Agile/DevOps ways of working. We incorporated and maintained agile ways of working, conducting agile ceremonies, product backlog grooming and creating user stories.
We also trained DevOps teams to identify and mitigate IT Security risks at the earliest points in the development cycle.
We were responsible for analyzing the “as-is” activity and requirements across all TGS clusters for the future pan-government Security Maturity Assessment (SMA) service. We were involved in analyzing information provided by cluster leads and cluster members, and constructed output to support stakeholder engagement.
We assisted with the development of the Phase 1 high-level service design and toolkit for SMA, as part of supporting the Transforming Government Service (TGS) Cluster 3 lead.
This included the following:
We supported the management of the SMA project by managing the SMA project daily status board / Kanban.
We produced technical user guides for building and deploying a Docker image. We were requested by the client to design and organize the user guides on Confluence and create a services page for Bitbucket. We engaged with client stakeholders to discuss technologies used, author requirements and test the written material with users. The Bitbucket services page we created included information relating to Availability, Backup, Security, Logging, Monitoring etc.
We were required to build a network with key stakeholders from Immigration Platform Technology and development teams for topics relating to the Docker platform. We were recognized as the technology point of contact for Capgemini teams on the ground. We facilitated key workshops and demo runs of the technical user guides for feedback. We managed technical SMEs' expectations and project scope relating to the variations for building and deploying a Docker image across different teams. We also set up Kanban boards and reviewed the team's Jira tickets at daily standups.