Professional 1 Security Compliance (51005812)

Job description

·  Job Description:

Position Description: Cyber Security Consultant

Objectives:

As Security Consultant, you will be the Subject matter expert related to the security domain and delivery for the customers assigned. The security domain could be one or more around Infrastructure and Network Security, IDAM, Threat and Vulnerability management or Security Operation Center (SOC).

In a typical engagement, the Consultant operates as a trusted advisor in the organization, working with senior management and focusing specifically on security environment in relation to client business objectives. The consultant helps understand operational issues and plans next steps from an information security viewpoint.

This requires the ability to interact and influence at a managerial level within client organizations such as Information Governance and IT Security leads. You will be able to demonstrate industry expertise and understanding of the security governance and compliance.

Primary Responsibilities:

·  Lead Security Practice area during Build and Transition and Transformation (T&T) activities
·  Ability to deploy and manage the administration of the security product
·  Ensuring delivery excellence during the Build  and T&T phase (Ensuring avoidance of non-performance / non-compliance contractual penalties).
·  Relationship management with DXC Partners/vendors
·  Manage Security Risk and Exception to standards management
·  Ensure knowledge and implementation of security fundamentals, policies and standards (regulatory and contractual)
·  Seek to identify additional business for DXC GCC revenue for the DXC account.
·  Escalate and resolve Security Issues
·  Coordinate delivery of Security Metrics and Reporting in support of contractual commitment

Minimum Qualifications:

·  At least 7 to 10  years working experience in a Security or technical delivery role in one or many below domain:
·  Ethical and Vulnerability Management- VA, PT, Application Security including Mobile Application, Forensic , OR
·  Data Loss Protection and Prevention – DLP, Encryption, OR
·  User Access Provisioning- IDAM, SSO, PIM, OR
·  Infrastructure and Endpoint Security- Anti- Malware, HIPS, ACC, DAM and EDR , OR
·  Network Security- NGFW, NIPS, APT, WAF, NBAD, Packet Capture Analysis
·  Cloud Security- Architect or Deployment of Security tools and controls in Google, AWS or Azure

·  Bachelor or master degree in Computer Science, Computer Studies, Information Security (or equivalent combination of education and experience)
·  Knowledge of the security and auditing regulations
·  Exposure to audit and compliance programs
·  Excellent and effective communication skills
·  Ability to write proposals and publish reports and presentations
·  Ability to work effectively in diverse, multi-national and virtual environments
·  Demonstrate sound judgment and integrity
·  Ability to influence Delivery personnel in the execution of security and compliance requirements
·  Ability to identify key talent and retain them
·  Product certification for the selected area of expertise

·  Preferred skills
·  Experience in Enterprise Security services outsourcing business or 5+ years in industry vertical
·  CISSP certification, CISM/CISA or CCSP  is a plus

Experience

The following experience is essential:

·  Experience as a Security consultant, architect and/or engineer;
·  Experience in working with security management including information governance and compliance’
·  Good understanding of Assurance Practices and Risk Management, with hands on experience;
·  Experience of security processes and standards, in particular ISO27001;
·  Knowledge of security audit and accreditation processes;
·  Ability to adapt to new security regimes.