Security Information Assurance Consultant

hackajob is collaborating with DXC Technology to connect them with exceptional professionals for this role.

Job Description

Senior Information Assurance Consultant

5 Days Onsite Central London

At DXC Technology, delivering excellence for our customers and colleagues is more than just a motto, it’s something we strive towards constantly through our work. Every day we deliver mission‑critical services in a secure environment whilst promoting our people‑first agenda, a real sense of community and a healthy work‑life balance. Our consistently positive customer feedback and continuous growth helps us cement our place as one of the world’s leading IT solutions enterprises, helping us deliver services and solutions in both challenging and exciting situations.

Role responsibilities

• Working closely with Security Architects and the design teams to provide a bridge between the technical teams and the security risk owner from the business, helping translate technical security risks into a form understandable to non-technical business people; advise risk owners on the severity of the risks and potential mitigation strategies (and their impacts) to enable informed risk‑management decisions.
• Monitor implementation and ongoing maintenance of agreed risk‑management actions.
• Create, maintain, and utilise risk assessment and related artefacts such as the risk register and security‑specific documentation such as Security Operating Procedures.
• Assist the Account Security Lead with creating and maintaining security‑related processes, policies and guidance.
• Proactively identify areas for improvement in security across the account, both to improve security and make good security easier.

What you will bring to the team

• Experience in a similar or related role with desirable additional qualifications to include CISM or CISSP / IISP or other professional body membership.
• Experience of working to HMG (e.g. NCSC guidance, DSIT Secure by Design, GovS 007) best practices.
• Desire to improve processes, looking for the root cause of a problem.
• Willingness to both share your knowledge and learn from others.
• A proactive approach towards looking for risks and problems.
• A strong team‑working ethic, with a “customer first” focus and a thirst for knowledge.

Desirable Skills and Technologies

• Deep knowledge and understanding of information and cyber security risk management.
• Experience in threat modelling utilising STRIDE or Attack Trees, NIST Cyber Security Framework.
• Experience or knowledge of various technology stacks including Cloud (AWS, MS Azure), M365, VMWare, Redhat Openshift or other container orchestration platforms, Windows and Linux operating systems.
• Knowledge of industry security guidance provided by the likes of OWASP and CIS.
• Awareness of security champions programmes.

What we will do for you

• Competitive compensation.
• Pension scheme.
• DXC Select – Our comprehensive benefits package (includes private health/medical insurance, childcare vouchers, gym membership and more).
• Perks at Work (discounts on technology, groceries, travel and more).
• DXC incentives (recognition tools, employee lunches, regular social events).

#J-18808-Ljbffr…