Enable job alerts via email!
Security Risk Management Lead
DXC Technology
Cowbridge
Hybrid
GBP 70,000 - 90,000
Full time
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Job summary
A leading technology firm is looking for a Security Risk Management Lead to oversee security risk programs within hybrid configurations. This role involves assessing risk postures, creating action plans, and collaborating with stakeholders to enhance security measures. Candidates should have a Bachelor’s degree in a relevant field and preferable certifications. The position offers competitive compensation, a comprehensive benefits package, and continuous development opportunities, fostering an inclusive work environment.
Benefits
Qualifications
- Bachelor’s degree in a related field is required.
- Preferred certifications include CRISC, CISSP, CISM, or ISO 27005.
- Experience in security risk management is necessary.
Responsibilities
- Redesign and implement security risk management frameworks.
- Maintain reports on risk status and trends.
- Collaborate with teams to align risk and remediation.
Skills
Education
Tools
Security Risk Management Lead
Location: Hybrid London or Newcastle, UK
DXC’s Insurance Software and BPS business provides a range of software and services to the global insurance market including life, wealth, health, commercial and speciality, property and casualty, and reinsurance. DXC is also a key partner of the London Market, providing digital transformation and outsourcing services.
DXC’s insurance business has 13,000 domain experts serving 2,000 insurance customers operating in over 100 countries worldwide.
The Security Risk Management Lead will be responsible for refreshing and managing the security risk program across both heritage and digital IT estates in the London Markets account. This role will assess the current risk posture, ensure risk coverage, and produce actionable risk reports. The successful candidate will work closely with the Vulnerability and Remediation Managers to align risk findings with remediation plans and drive continual improvement.
Strategic Risk Management
- Redesign and implement a comprehensive security risk management framework.
- Establish KPIs and success criteria for risk posture and mitigation effectiveness.
- Lead the continual improvement program for risk management.
Risk Assessment and Reporting
- Assess current risk coverage across the estate.
- Maintain and publish regular reports on risk status, trends, and aged risks.
- Link vulnerability findings and remediation actions to risk items.
Stakeholder Engagement
- Collaborate with vulnerability and remediation managers to align risk and remediation priorities.
- Work with technical teams to support risk mitigation planning.
- Provide executive-level summaries and technical reports to leadership.
Governance and Compliance
- Align with central corporate policies and maintain risk management standards, and procedures.
- Ensure alignment with regulatory requirements and industry best practices.
- Support internal and external audits with documentation and evidence.
Tool and Process Oversight
- Ensure risk management tools are properly configured and integrated.
- Maintain a risk matrix that maps risks to configuration items, owners, and remediation schedules.
Key Challenges
- Evaluate the existing baseline for risk posture across diverse systems.
- Integrating risk data with vulnerability and remediation tracking.
- Addressing aged risks and converting accepted risks into actionable items.
- Producing clear, publishable reports for all levels of the organisation.
- Bachelor’s degree in Cybersecurity, Information Technology, Risk Management, or a related field.
- Preferred: Certifications such as CRISC, CISSP, CISM, or ISO 27005.
- Experience in security risk management or related domains.
- Proven experience managing teams and driving security improvement programs.
- Competitive Compensation & Pension Scheme – Rewarding your expertise while securing your future.
- Comprehensive Benefits Package – Including DXC Select, Perks at Work, and incentive programs for exclusive savings and rewards.
- Continuous Learning & Development – Access to upskilling opportunities, career growth resources, and industry-leading training.
- Lifestyle Perks – Enjoy options like the Salary Sacrifice Car Scheme and more.
At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.
Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
