DXC Technology

Job Description:

We are DXC - a Fortune 500 global IT services leader. In Bulgaria, we are among the largest employers with over 4,000 employees working on the company's entire IT portfolio.

The Security Delivery Lead is responsible for the information security governance and information security risk management for the assigned accounts. He/she also provides leadership for security escalations, compliance and audit activities.

Daily challenges

Client Relationship Management

• Security / Compliance Focal point for customer: Building and maintaining the relationship with customer.
• Ensure DXC compliance with contract: Own security compliance of DXC services to contractual obligations.
• Understand customer security needs: Understand security requirements. Translate customer security needs to DXC services and technical requirements.
• Identify future security requirements: Analyze current security requirements and security needs to identify future customer requirements for security.

Account Management

• Focal point to account: Act as the main point of contact / single point of contact (SPOC) for all Security related issues for the account.
• Security / Compliance Subject Matter Expert (SME) in the account: Act as security and security compliance SME in the account. Consult delivery teams on security policies, security standards and security best practices.
• Account Security Planning: Govern maintenance of the ASP document.
• Security Awareness Training.

Security Management

• Ensure account / Enterprise Services is secure: Govern the overall security level within the account operations and the security aspect of services provided by DXC for the account.
• Monitoring / Security Reporting: Prepare and / or analyze security reports, consolidate security reporting data coming from various sources.
• New project review: Review security requirements prepared for new project implementation, provide consultation / advice for security requirements specific to the account environment.
• Coordinate agreed security programs: Coordinate security areas / tasks. Coordinate security programs and initiatives.
• Complete self-assessments: Govern the gap analysis process, coordinate self-assessment documentation and checklists, coordinate and facilitate assessments process, as described in customer / DXC policies.

Risk Management

• Understand Risk Profile. Maintain Risk Register. Manage entire process. Identify and lead opportunities for process enhancements.
• Risk agreement & monitoring: Supervise security risk monitoring and review.
• Identify, rate and escalate risks: Supervise to risk identification and guide all DXC teams to properly identify risks. Provide lead expertise in risk assessment.
• Manage incidents: Ensure security incident management process is established and documented within the account.

Audit Management

• Audit Single Point of Contact: Act as liaison between external (customer) auditors and DXC teams.
• Audit Coordination: Coordinate collection of audit evidence and collaboration between teams and external auditors, requested in DXC internal or external audits. 
• Account/Delivery controls: Define and agree on custom controls with customer. Ensure delivery controls are implemented.
• Audit registration: Audit management back office activities: creation and maintenance of audit items, action items and follow up on auditees' timely responses.
• Check contractual boundaries: Ensure audit activities are performed according to contractual obligations.
• Account/Delivery based remediation:  Coordinate remediation activities for both dedicated and shared delivery teams.

Transition

• Policy Analysis and Risk Assessment: Lead policy analysis: analyze statements in DXC and customer policies and identify deviations.
• Initial training: Conduct security training to DXC teams, as specified in customer / contractual requirements.
• Setup Security Governance: Define and agree with customer on security governance metrics and security governance framework.
• Basic Security Incident Management: Ensure basic security incident management process exists to the extent possible in the transition environment.

Transformation

• Policy alignment: Ensure gaps between customer and DXC security policies are identified.
• Maintain security risk register and ensure security risk management implementation within the account.
• Prepare and support planning of Transformation activities.
• Coordinate security transformation projects:  Act as security lead in transformation projects, with regards to security policies, standard and best practices.

eXperience and skills required

Education and professional experience required:

• A minimum of 3 years professional experience in Information Security or IT Audit
• Experience in at least one of the industry standards
• Practical experience in Project Management
• Excellent knowledge of Information Security and technology 
• Good knowledge of the latest IT technologies
• Understanding of ITIL Service Delivery Framework

Personal skills and qualities:

• Fluent in English and German language
• Strong interpersonal and soft skills
• Team player. Ability to collaborate and negotiate with members of team and members of other teams
• Understanding of 24x7 mission critical enterprise computing environments and the impact of service disruption on a company’s bottom line
• High ethical standards
• Strategic thinking
• Leadership skills

Certificates considered an advantage:

• CISSP
• CISM
• CompTIA Security +

Company benefits

• Hybrid/Remote way of working
• Continuous learning and technical training opportunities
• Great opportunity for professional development in the IT field
• Part in a team that has established itself as a preferred worldwide partner for Hi-tech Services
• Competitive remuneration package
• Medical and Life insurance
• 4 days additional paid leave (total:24 days)
• Food vouchers
• Corporate Badge Program
• Wellness Program

We Deliver eXcellence for our Customers and colleagues every day. Our values form the foundation of everything we do and every decision we make.

If you feel comfortable with the above-mentioned requirements, please send us your CV in English. At DXC our employees’ safety and well-being remain a key priority for us. Therefore, we continue with stay-at-home recruiting and video interviewing for the foreseeable future.

Please note only shortlisted candidates will be contacted. #GRP1