Associate Manager - Security Compliance Analyst

Job Description:

Security Compliance Analyst

Our Security Team is comprised of professionals with a broad background in business Information Security assurance and delivery experience, supporting a range of DXC Technology Outsourced Clients and Industries. 

This Compliance Analyst role works alongside a Financial Sector Customer and DXC Account SME’s and Commercial Teams. The role supports the Security Compliance Analyst Lead and the Compliance Lead in the analysis of compliance to service contracted policy controls relevant to both DXC and its Third Parties.

Key responsibilities:

• Assesses Policies for change and potential risk.

• Verifies DXC and Third-Party evidence in support of Client Policies.

• Maintains relationships with SME’s, Risk, Commercial and Client Teams.

• Guides and advises stakeholders to ensure smooth running of processes.

• Liaises with other Team members in support of objectives.

• Produces and updates governance procedures and reporting.

Mandatory Skills must include:

• Able to determine effectiveness of policy controls (operational, management and technical) to identify gaps in compliance.

• Attention to detail and an analytical approach to document review.

• Internal Audit/Assessment experience, including Third-Party compliance.

• Effective document presentation skills to meet business needs.

Expected Skills:

• Able to prioritize workload based on operational deadlines.

• Strong communicator; can interpret controls into understandable guidance.

• Excellent command of English; written and verbal.

• Experience working with ISO 27001 and an ISMS in a large organisation.

Desired Skills include:

• Knowledge of Regulatory Compliance Controls.

• Proficiency with Microsoft (Outlook, Word, Excel, PPT. Teams, SharePoint)

• Experience with Third Party Policy flow-downs.

• Exposure to international Clients / Delivery Teams.

Education and Experience:

• Bachelor’s Degree in any discipline.

• Typically 8 years or more experience with at least 5 years in the field of Information Security.

• Certifications must have: CISA or ISO 27001 Lead Auditor.

• Certifications desirable: CISSP or CISM.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.