Security Vulnerability Lead

DXC’s Insurance Software and BPS business provides a range of software and services to the global insurance market including life, wealth, health, commercial and speciality, property and casualty, and reinsurance. DXC is also a key partner of the London Market, providing digital transformation and outsourcing services.

DXC’s insurance business has 13,000 domain experts serving 2,000 insurance customers operating in over 100 countries worldwide.

This is a dedicated account-level role responsible for leading vulnerability management across both heritage and digital IT estates within the London Markets account. The successful candidate will be tasked with rebuilding the vulnerability management program from the ground up, ensuring robust coverage, effective remediation coordination, and continuous improvement.

• Refresh and redesign the vulnerability management framework for the account.
• Define success criteria and establish KPIs for vulnerability management effectiveness.
• Lead continual improvement initiatives and manage the program roadmap.

• Oversee vulnerability identification, assessment, and reporting across the estate.
• Ensure vulnerability scanning tools are properly configured, integrated, and provide adequate coverage.
• Maintain and publish regular reports on vulnerability status, trends, and aged backlog.

• Collaborate closely with the Remediation Manager to drive timely resolution of vulnerabilities.
• Address aged vulnerabilities and align remediation efforts with business priorities.
• Review vulnerabilities accepted as risk and re-evaluate remediation opportunities.

• Develop and maintain vulnerability management policies, standards, and procedures.
• Support internal and external audits with documentation and evidence.
• Ensure alignment with regulatory requirements and industry best practices.

• Act as the central point of contact for vulnerability-related issues.
• Educate stakeholders on risks, remediation strategies, and tool usage.
• Provide executive-level summaries and technical reports to leadership.

• Establishing a baseline for tool functionality and coverage across legacy and modern platforms.
• Producing a clear management view of vulnerabilities by component (OS, DB, middleware, etc.).
• Coordinating across delivery teams and technical owners to ensure accountability and progress.
• Implementing a vulnerability matrix to track patching schedules, ownership, and compliance.

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• Preferred: Master’s degree or relevant certifications (e.g., CISSP, CISM, CRISC, GIAC).
• Experience in vulnerability management or related security domains.
• Proven experience managing teams and driving security improvement programs.

• Strong understanding of vulnerability scanning tools (e.g., Qualys, Prisma Cloud, AWS GuardDuty).
• Familiarity with patch management processes and SLAs.
• Excellent communication and stakeholder management skills.
• Analytical mindset with ability to prioritize risks and align with business impact.

• Competitive Compensation & Pension Scheme – Rewarding your expertise while securing your future.
• Comprehensive Benefits Package – Including DXC Select, Perks at Work, and incentive programs for exclusive savings and rewards.
• Continuous Learning & Development – Access to upskilling opportunities, career growth resources, and industry-leading training.
• Lifestyle Perks – Enjoy options like the Salary Sacrifice Car Scheme and more.

At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.