Junior/Medior Security Strategy and Risk & Compliance Consultant

Job content

DXC Technology(NYSE: DXC) is the world’s leading independent, end-to-end IT services company, helping clients harness the power of innovation to thrive on change. Created by the merger of CSC and the Enterprise Services business of Hewlett Packard Enterprise, DXC Technology serves nearly 6,000 private and public sector clients across 70 countries. The company’s technology independence, global talent and extensive partner alliance combine to deliver powerful next-generation IT services and solutions. DXC Technology is recognized among the best corporate citizens globally.

ROLE DESCRIPTION

This vacancy is for a Security Strategy and Risk & Compliance Consultant with all-round information assurance security skills to join the DXC EMEA SRM RCM Capability.

The successful candidate will work on the security part of major projects for commercial and government customers as well as dedicated security consulting assignments. You will work under general direction with some level of autonomy, be able to use knowledge and skills obtained through education and experience to perform the necessary risk and compliance tasks related to the implementation of security solutions to meet both regulatory and client’s requirement.

You will use your knowledge and experience to advise clients in the area of Security Risk Management, Risk and compliance and Security Strategy. You will be required to work on multiple client accounts and must have the ability to assess risks imposed by technical solutions and advise clients of security standards and best practice relating to the proposed security solution.

THE ROLE

• Understand risk assessments in the form of ISO27005 or other industry standards agreed with the client and develop risk remediation action plans
• Understand client’s business strategy and be able to translate that into a long term cyber strategy
• Translating of Risk Management Document Sets conforming to appropriate Information Assurance Standards
• Performing compliance review activities
• Production of Gap Analysis assessment to identify gaps against well-known and client developed security standards
• Be part of managing the accreditation and assurance processes on behalf of the client
• Providing advice, guidance and support to Supplier organizations and client staff on matters related to security compliance, audit, accreditation and information assurance
• Liaising with client Information Assurance Services on security matters
• Assisting in the drafting new policy or amending existing security policy and procedure sets for regulatory and compliance requirements
• Help in designing and implementing Information Security Management System aligned to regulatory and client security standards (ISMS).

EXPERIENCE AND KNOWLEDGE

• 0 to 4+ years of professional IT experience
• Awareness of cyber-attack techniques and how protective monitoring systems can be used for detection, mitigation, remediation and protection
• Experience of Enterprise Risk Management methodologies/techniques development and implementation.
• Experience of risk analysis’ output’s implementation into Information Security processes’
• Experience with interpreting and applying appropriate Standards, Policies and Legislation, (e.g. ISO27001, PCI DSS, COBIT, SOC, DPA, GDPR, NIST, Cyber Essentials, etc.) confirmed by respective certifications or relevant experience
• Good overall understanding of Security management and assurance practices, with hands on experience
• Experience of security processes and standards, in particular ISO27001.
• Good level knowledge of security audit and accreditation processes

SKILLS / BEHAVIOURS

• Excellent English Language communication skills (written and spoken)
• Strong interpersonal skills and able to work with staff at all levels in an organization
• Proactive thinking – the ability to come up with options and solutions
• Organised and methodical and not afraid to seek support
• Is a collaborative person who can work with customers, colleagues and partners. They will demonstrate personal flexibility and focused delivery to ensure the team deliver quality solutions and increase customer satisfaction
• Has good knowledge of cyber threats and security solutions, security as a business enabler and digital transformation

DXC’s Enterprise Security Services division is experiencing significant growth. Strategically important, the focus of the team is to manage risk and provide security intelligence to our customers. Offering ’Best-in-class’ security services, DXC ESS presents an outstanding opportunity to develop your career.

For more information, visit www.dxc.technology