At a Glance
- Tasks: Lead security risk management and enhance risk programs across IT estates.
- Company: Join DXC Technology, a global leader in insurance software and services.
- Benefits: Competitive pay, comprehensive benefits, and continuous learning opportunities.
- Why this job: Make a real impact in cybersecurity while collaborating with top experts.
- Qualifications: Degree in Cybersecurity or related field; experience in risk management preferred.
- Other info: Flexible hybrid work model promoting wellbeing and inclusivity.
The predicted salary is between £36,000 and £60,000 per year.
Location: Hybrid London or Newcastle, UK
DXC’s Insurance Software and BPS business provides a range of software and services to the global insurance market including life, wealth, health, commercial and speciality, property and casualty, and reinsurance. DXC is also a key partner of the London Market, providing digital transformation and outsourcing services.
DXC’s insurance business has 13,000 domain experts serving 2,000 insurance customers operating in over 100 countries worldwide.
Role Overview
The Security Risk Management Lead will be responsible for refreshing and managing the security risk program across both heritage and digital IT estates in the London Markets account. This role will assess the current risk posture, ensure risk coverage, and produce actionable risk reports. The successful candidate will work closely with the Vulnerability and Remediation Managers to align risk findings with remediation plans and drive continual improvement.
Key Responsibilities
- Strategic Risk Management
  - Redesign and implement a comprehensive security risk management framework.
  - Establish KPIs and success criteria for risk posture and mitigation effectiveness.
  - Lead the continual improvement program for risk management.
- Risk Assessment and Reporting
  - Assess current risk coverage across the estate.
  - Maintain and publish regular reports on risk status, trends, and aged risks.
  - Link vulnerability findings and remediation actions to risk items.
- Stakeholder Engagement
  - Collaborate with vulnerability and remediation managers to align risk and remediation priorities.
  - Work with technical teams to support risk mitigation planning.
  - Provide executive-level summaries and technical reports to leadership.
- Governance and Compliance
  - Align with central corporate policies and maintain risk management standards and procedures.
  - Ensure alignment with regulatory requirements and industry best practices.
  - Support internal and external audits with documentation and evidence.
- Tool and Process Oversight
  - Ensure risk management tools are properly configured and integrated.
  - Maintain a risk matrix that maps risks to configuration items, owners, and remediation schedules.
  - Evaluate the existing baseline for risk posture across diverse systems.
  - Integrate risk data with vulnerability and remediation tracking.
  - Address aged risks and convert accepted risks into actionable items.
  - Produce clear, publishable reports for all levels of the organisation.
Educational & Professional Requirements
- Bachelor’s degree in Cybersecurity, Information Technology, Risk Management, or a related field.
- Preferred: Certifications such as CRISC, CISSP, CISM, or ISO 27005.
- Experience in security risk management or related domains.
- Proven experience managing teams and driving security improvement programs.
What we can offer you
- Competitive Compensation & Pension Scheme – Rewarding your expertise while securing your future.
- Comprehensive Benefits Package – Including DXC Select, Perks at Work, and incentive programs for exclusive savings and rewards.
- Continuous Learning & Development – Access to upskilling opportunities, career growth resources, and industry-leading training.
- Lifestyle Perks – Enjoy options like the Salary Sacrifice Car Scheme and more.
Security Risk Management Lead employer: DXC Technology
Contact Detail:
DXC Technology Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the Security Risk Management Lead role
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend meetups, and connect with people on LinkedIn. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Prepare for interviews by researching the company and its culture. Understand their security risk management approach and be ready to discuss how your experience aligns with their needs. We want to see you shine!
✨Tip Number 3
Practice your responses to common interview questions, especially those related to risk assessment and stakeholder engagement. Mock interviews with friends or mentors can help you feel more confident when it’s your turn to impress.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who are proactive about their job search.
Some tips for your application 🫡
Tailor Your Application: Make sure to customise your CV and cover letter for the Security Risk Management Lead role. Highlight your relevant experience in security risk management and any certifications you have, like CRISC or CISSP. We want to see how your skills align with what we're looking for!
Showcase Your Achievements: When detailing your past roles, focus on specific achievements that demonstrate your ability to manage security risks effectively. Use metrics where possible to show how you've improved risk postures or led successful projects. This helps us see the impact you've made in previous positions.
Be Clear and Concise: Keep your application clear and to the point. Avoid jargon unless it's relevant to the role. We appreciate straightforward communication, so make it easy for us to understand your qualifications and experiences without wading through unnecessary fluff.
Apply Through Our Website: We encourage you to apply directly through our website. This ensures your application is received properly and allows us to track your progress. Plus, you'll find all the details about the role and our company culture there!
How to prepare for a job interview at DXC Technology
✨Know Your Risk Management Framework
Before the interview, make sure you’re well-versed in security risk management frameworks. Familiarise yourself with industry standards and best practices, as this will help you articulate how you can redesign and implement a comprehensive framework for the role.
✨Prepare for Technical Questions
Expect to be asked about specific tools and processes related to risk assessment and reporting. Brush up on your knowledge of risk matrices, vulnerability tracking, and remediation planning so you can confidently discuss how you would maintain and publish reports on risk status.
✨Showcase Your Stakeholder Engagement Skills
Think of examples where you’ve successfully collaborated with technical teams or presented to leadership. Be ready to discuss how you would align risk findings with remediation priorities and provide executive-level summaries, as this is crucial for the role.
✨Demonstrate Continuous Improvement Mindset
Highlight your experience in driving continual improvement programs. Prepare to discuss how you’ve assessed risk coverage in the past and what strategies you implemented to address aged risks, showcasing your proactive approach to security risk management.