Cyber Security Risk Program Manager (Remote)

Job Description:

Job Description

DXC's Global Cyber Security team is in the process of maturing the overall cyber security risk management capabilities across the company. DXC's goal is to enable a more comprehensive risk view that will enable the company to better secure its' technology landscape and manage the investments that it is making in risk mitigation. To enable this change DXC is looking for a program manager that will move the risk program forward and will assume control of the business processes and technology's that support this critical need to our growth.

The Cyber Security Risk program manager will identify DXC's cyber risk management business needs, then combined with industry risk management best practices, lead the risk management program globally that will align with the risk operations at the business level. The Risk manager will work across the enterprise to identify issues associated with business process and technology changes and find solutions for the smooth implementation and adoption of the risk management program and tools. He / she must be a team player and leader that is extremely effective at communicating IT security controls with the business and working collaboratively across a matrixed organization resulting in the reduction of IT security risk across the company. This position will be responsible for accurately capturing, communicating, and managing the risk posture of the organization. Experience and knowledge of leading Risk Management frameworks and qualitative / quantitative risk methodologies is highly recommended.

This role leads our global risk program and is responsible for the daily management of DXC's risk register and working across the company to ensure that risk reduction activities are being performed and in line with expectations. This person will ensure there is daily operational alignment of the risk program with ERM, DXC IT, Security, Delivery and other business areas where required.

Responsibilities

• Develop business requirements and analyze them against new and existing security solutions support the global risk program.
• Manage the daily operational aspects of tracking the global cyber security risk register.
• Working with the administrative team, provide business requirements and support the daily governance of the GRC tool used for Policy and Risk compliance.
• Establish and maintain information security and compliance metrics
• Balance, prioritize and troubleshoot multiple priorities/streams of work
• Assess and understand the big picture and spot organizational impacts based on other work efforts
• Deliver strong written and presentation skills to senior leaders regarding the global risk profile
• Communicate and implement business process changes that are easy to understand for each defined audience
• Experience working in a global organization with virtual stakeholders

Skills

• Strong communication and business relationship skills
• Delivery-focused mindset that will be able to work in a fast-paced environment with shifting priorities.
• Knowledge of a wide variety of information security concepts, services, and technologies
• Ability to present and discuss IT security strategy and business decisions with senior management
• GRC Tool management (Service Now, Archer or similar system)
• Strong ability to work in a fast-paced environment with shifting priorities
• Possess familiarity with information security policies and standards
• Able to act independently when making technical or business decisions
• Ability to analyze detailed performance metrics and establish improvement plans
• Knowledge of information security best practices, regulatory concerns, and security standards
• Possess familiarity with the security controls for business applications

Education and Experience

• 7+ years of relevant experience desired
• Minimum 3 years of experience conducting risk assessments using risk and control frameworks including ISO, NIST or other industry standard
• Minimum 3 years of experience using and/or implementing GRC or similar tools
• Demonstrated work history on enterprise-wide projects or initiatives with global scope

For individuals assigned and/or hired to work in the following states California, Colorado, Connecticut, Delaware, Illinois, Louisiana, Maine, Maryland, Massachusetts, Minnesota, Nevada, New Hampshire, New Jersey, New York, Ohio, Oregon, Rhode Island, Vermont, Virginia, Washington, DXC is required by law to include a reasonable estimate of the compensation range for this role.

The base salary range represents the low and high end of the DXC salary range for this position. Actual salaries depend on a wide range of factors that are considered in making compensation decisions, including but not limited to skill sets; experience and training, licensure, and certifications; and other business and organizational needs. The range listed is just one component of DXC's employee compensation package. Other rewards may include a vacation policy and region-specific benefits.

At DXC, it is not typical for an individual to be hired at /near the top of the range. A reasonable estimate of the current range is 110k to 140k

If you are an applicant from the United States, Guam, or Puerto Rico

DXC Technology is an Equal Opportunity/Affirmative Action employer. All qualified candidates will receive consideration for employment without regard to disability, protected veteran status, race, color, religious creed, national origin, citizenship, marital status, sex, sexual orientation/gender identity, age or genetic information. DXC's commitment to diversity and inclusive selection practices includes ensuring qualified long-term unemployed job seekers receive equal consideration for employment. View postings below.

We participate in E-Verify. In addition to the posters already identified, DXC provides access to prospective employees for the Federal Minimum Wage Poster, Federal Polygraph Protection Act Poster as well as any state or locality specific applicant posters. To access the postings in the link below, select your state to view all applicable federal, state and locality postings. Postings are available in English, and in Spanish, where required. View postings below.

Postings link

Disability Accommodations

If you are an individual with a disability, a disabled veteran, or a wounded warrior and you are unable or limited in your ability to access or use this site as a result of your disability, you may request a reasonable accommodation by contacting us via email.

Please note: DXC will respond only to requests for accommodations due to a disability.