Security Risk Management Lead in Newcastle upon Tyne

Newcastle upon Tyne | Full-Time | 43200 - 72000 £ / year (est.) | No working from home possible
DXC Technology

At a Glance

  • Tasks: Lead security risk management and enhance risk programs across digital and heritage IT estates.
  • Company: Join DXC Technology, a leader in insurance software and digital transformation.
  • Benefits: Enjoy competitive pay, comprehensive benefits, and continuous learning opportunities.
  • Other info: Flexible hybrid work model promoting well-being and inclusivity.
  • Why this job: Make a real impact in security risk management while collaborating with top experts.
  • Qualifications: Degree in Cybersecurity or related field; experience in security risk management preferred.

The predicted salary is between £43,200 and £72,000 per year.

Location: Hybrid London or Newcastle, UK

DXC’s Insurance Software and BPS business provides a range of software and services to the global insurance market including life, wealth, health, commercial and speciality, property and casualty, and reinsurance. DXC is also a key partner of the London Market, providing digital transformation and outsourcing services. DXC’s insurance business has 13,000 domain experts serving 2,000 insurance customers operating in over 100 countries worldwide.

Role Overview

The Security Risk Management Lead will refresh and manage the security risk program across both heritage and digital IT estates in the London Markets account. The role assesses the current risk posture, ensures risk coverage, and produces actionable risk reports. The successful candidate works closely with Vulnerability and Remediation Managers to align risk findings with remediation plans and drive continual improvement.

Key Responsibilities

  • Strategic Risk Management
    • Redesign and implement a comprehensive security risk management framework.
    • Establish KPIs and success criteria for risk posture and mitigation effectiveness.
    • Lead the continual improvement program for risk management.
  • Risk Assessment and Reporting
    • Assess current risk coverage across the estate.
    • Maintain and publish regular reports on risk status, trends, and aged risks.
    • Link vulnerability findings and remediation actions to risk items.
  • Stakeholder Engagement
    • Collaborate with vulnerability and remediation managers to align risk and remediation priorities.
    • Work with technical teams to support risk mitigation planning.
    • Provide executive-level summaries and technical reports to leadership.
  • Governance and Compliance
    • Align with central corporate policies and maintain risk management standards and procedures.
    • Ensure alignment with regulatory requirements and industry best practices.
    • Support internal and external audits with documentation and evidence.
  • Tool and Process Oversight
    • Ensure risk management tools are properly configured and integrated.
    • Maintain a risk matrix that maps risks to configuration items, owners, and remediation schedules.

Key Challenges

  • Evaluate the existing baseline for risk posture across diverse systems.
  • Integrate risk data with vulnerability and remediation tracking.
  • Address aged risks and convert accepted risks into actionable items.
  • Produce clear, publishable reports for all levels of the organisation.

Educational & Professional Requirements

  • Bachelor’s degree in Cybersecurity, Information Technology, Risk Management, or a related field.
  • Preferred: Certifications such as CRISC, CISSP, CISM, or ISO 27005.
  • Experience in security risk management or related domains.
  • Proven experience managing teams and driving security improvement programs.

What We Can Offer You

  • Competitive Compensation & Pension Scheme – Rewarding your expertise while securing your future.
  • Comprehensive Benefits Package – Including DXC Select, Perks at Work, and incentive programs for exclusive savings and rewards.
  • Continuous Learning & Development – Access to upskilling opportunities, career growth resources, and industry-leading training.
  • Lifestyle Perks – Enjoy options like the Salary Sacrifice Car Scheme and more.

At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritises in-person collaboration while offering flexibility to support well-being, productivity, individual work styles and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.

Security Risk Management Lead in Newcastle upon Tyne employer: DXC Technology

At DXC Technology, we pride ourselves on being an exceptional employer, offering a dynamic work culture that values collaboration and flexibility. Our hybrid work model in London or Newcastle allows for a balanced lifestyle while providing access to continuous learning and development opportunities, ensuring that our employees can grow their careers in the ever-evolving field of security risk management. With competitive compensation, a comprehensive benefits package, and a commitment to inclusivity, DXC is dedicated to fostering an environment where every team member can thrive and make a meaningful impact.

DXC Technology

Contact Details:

DXC Technology Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land the Security Risk Management Lead role in Newcastle upon Tyne

Tip Number 1

Network like a pro! Reach out to folks in the industry, especially those already at DXC. A friendly chat can open doors and give you insider info on what they're really looking for.

Tip Number 2

Prepare for the interview by diving deep into security risk management trends. Show us you know your stuff and can talk about how you’d tackle challenges in the role. Confidence is key!

Tip Number 3

Don’t just wait for job postings! Keep an eye on our website and apply directly. It shows initiative and gives you a better chance of being noticed by the hiring team.

Tip Number 4

Follow up after your interview with a thank-you note. It’s a simple gesture that keeps you fresh in their minds and shows your enthusiasm for the role. We love a bit of courtesy!

We think you need these skills to ace the Security Risk Management Lead role in Newcastle upon Tyne

Security Risk Management
Risk Assessment
Vulnerability Management
Risk Reporting
Stakeholder Engagement
Governance and Compliance
Regulatory Requirements

Some tips for your application 🫡

Tailor Your CV: Make sure your CV is tailored to the Security Risk Management Lead role. Highlight relevant experience and skills that match the job description, especially in risk management and cybersecurity.

Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're the perfect fit for this role. Mention specific projects or achievements that demonstrate your expertise in security risk management.

Showcase Your Certifications: If you have certifications like CRISC, CISSP, or CISM, make them stand out in your application. These credentials can really boost your profile and show us you mean business in the security field.

Apply Through Our Website: We encourage you to apply through our website for the best chance of success. It’s straightforward and ensures your application gets to the right people quickly!

How to prepare for a job interview at DXC Technology

Know Your Risk Management Framework

Before the interview, make sure you’re familiar with various security risk management frameworks. Be ready to discuss how you would redesign and implement a comprehensive framework for DXC, and think about specific KPIs you might establish to measure success.

Prepare for Technical Questions

Expect questions that dive deep into risk assessment and reporting. Brush up on your knowledge of risk matrices and how to link vulnerability findings to remediation actions. Being able to articulate your thought process will show your expertise.

Showcase Your Stakeholder Engagement Skills

Think of examples where you’ve successfully collaborated with technical teams or managed stakeholder expectations. Be prepared to discuss how you would align risk and remediation priorities with various teams at DXC.

Understand Governance and Compliance

Familiarise yourself with regulatory requirements and industry best practices related to security risk management. Be ready to discuss how you would ensure alignment with corporate policies and support audits with proper documentation.