Security Information Assurance Consultant

Job Description:

Security Information Assurance Consultant

5 Days Onsite Central London

At DXC Technology delivering excellence for our customers and colleagues is more than just a mottoitssomething we strive towards constantly through our work. Every day we deliver mission critical services in a secure environment whilst promoting our people first agenda a real sense of community and a healthy work-life balance. Our consistently positive customer feedback and continuous growthhelpsus cement our place as one of the worlds leading IT solutions enterprises helping us deliver services and solutions in both challenging and exciting situations.

We believe that hiring a diverse team is crucial to our success and our recruiting decisions are based on your skills and experience as an individual. We actively encourage consistent growth on our journey towards a culture of inclusion and recognise that the people we employ are vital to providing a great customer experience. As such we have a variety of training support and tools available to aid in your continual personal and professional development. Our ongoing goal is to drive innovation and modernise operations across the board which includes furthering the skills of our colleagues. At DXC building a better you builds a better us.

At DXCone of our platinum accountshas an opening for a Senior Information Assurance successful candidate will work within multiple teams and will beinnovativeand analytical with a good eye for role will includeimplementing standards policies and procedures for continual service improvement.

We are looking for an experienced Security Consultant who has all round skills in information security risk management.

Role responsibilitiesq :
Working closely with Security Architects and the design teams providea bridge between the technical teams and the security risk owner from the business helping translate technical security risks into a form understandable to non-technical business people. Advise risk owners as to the severity of the risks they are being presented with and potential mitigation strategies (and their impacts) to enable them to make informed risk management decisions
Monitor implementation and ongoing maintenance of agreed risk management actions
Createmaintain and utilise risk assessment and related artefacts such as the risk register and security-specific documentation such as Security Operating Procedures
Assistthe Account Security Lead withcreating and maintaining security-related processes policiesand guidance
Proactively identifying areas for improvement in security across the account both to improve security and make good security easier


What you will bring to the team:
Experience in a similar or related role with desirable additional qualifications to include CISM or CISSP / IISP or other professional body membership
Experience of working to HMG (e.g. NCSC guidance DSIT Secure by Design GovS 007) best practices
Desire to improve processes looking for the root cause of a problem
Willingness to both share your knowledge and learn from others
A proactive approach towards looking for risks and problems
A strong team working ethic with a customer first focus and a thirst for knowledge

Desirable Skills and Technologies:
Deep knowledge and understanding ofinformation and cyber security risk management
Experience in threat modelling utilising STRIDE or Attack Trees NIST Cyber Security Framework
Experience or knowledge of various technology stacks including Cloud (AWS MS Azure) M365 VMWare Redhat Openshift or other container orchestration platforms Windows and Linux operating systems
Knowledge of industry security guidance provided by the likes of OWASP and CIS
Awareness of security champions programmes

What we will do for you:
Competitive compensation
Pension scheme
DXC Select Our comprehensive benefits package (includes private health/medical insurance childcare vouchers gym membership and more)
Perks at Work (discounts on technology groceries travel and more)
DXC incentives (recognition tools employee lunches regular social events etc)

At DXC Technology we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing productivity individual work styles and life circumstances. Were committed to fostering an inclusive environment where everyone can thrive.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services such as false websites or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process nor ask a job seeker to purchase IT or other equipment on our information on employment scams is availablehere.