Security Risk Management Lead
Overview
Security Risk Management Lead – DXC Technology. Location: Hybrid London or Newcastle, UK. DXC’s Insurance Software and BPS business provides software and services to the global insurance market. 13,000 domain experts serving 2,000 insurance customers in over 100 countries.
Role Overview
The Security Risk Management Lead will be responsible for refreshing and managing the security risk program across both heritage and digital IT estates in the London Markets account. This role will assess the current risk posture, ensure risk coverage, and produce actionable risk reports. The successful candidate will work closely with the Vulnerability and Remediation Managers to align risk findings with remediation plans and drive continual improvement.
Key Responsibilities
- Strategic Risk Management
  - Redesign and implement a comprehensive security risk management framework
  - Establish KPIs and success criteria for risk posture and mitigation effectiveness
  - Lead the continual improvement program for risk management
- Risk Assessment and Reporting
  - Assess current risk coverage across the estate
  - Maintain and publish regular reports on risk status, trends, and aged risks
  - Link vulnerability findings and remediation actions to risk items
- Stakeholder Engagement
  - Collaborate with vulnerability and remediation managers to align risk and remediation priorities
  - Work with technical teams to support risk mitigation planning
  - Provide executive-level summaries and technical reports to leadership
- Governance and Compliance
  - Align with central corporate policies and maintain risk management standards and procedures
  - Ensure alignment with regulatory requirements and industry best practices
  - Support internal and external audits with documentation and evidence
- Tool and Process Oversight
  - Ensure risk management tools are properly configured and integrated
  - Maintain a risk matrix that maps risks to configuration items, owners, and remediation schedules
Key Challenges
- Evaluate the existing baseline for risk posture across diverse systems
- Integrate risk data with vulnerability and remediation tracking
- Address aged risks and convert accepted risks into actionable items
- Produce clear, publishable reports for all levels of the organisation
Educational & Professional Requirements
- Bachelor’s degree in Cybersecurity, Information Technology, Risk Management, or a related field
- Preferred: Certifications such as CRISC, CISSP, CISM, or ISO 27005
- Experience in security risk management or related domains
- Proven experience managing teams and driving security improvement programs
What We Can Offer You
- Competitive Compensation & Pension Scheme – Rewarding your expertise while securing your future
- Comprehensive Benefits Package – Including DXC Select, Perks at Work, and incentive programs for exclusive savings and rewards
- Continuous Learning & Development – Access to upskilling opportunities, career growth resources, and industry-leading training
- Lifestyle Perks – Salary Sacrifice Car Scheme and more
At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.
Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers, typically through online services. DXC does not make offers of employment via social media networks, and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor asks a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.
Seniority level
- Mid-Senior level
Employment type
- Full-time
Job function
- Other, Information Technology, and Management
Industries
- IT Services and IT Consulting
- Location: United Kingdom
- Salary: £80,000 - £100,000
- Job Type: Full-time
- Category: IT & Technology