Security Governance and Risk Compliance (GRC) Consultant - Remote

Posted:
9/24/2024, 7:38:40 AM

Experience Level(s):
Senior

Field(s):
Consulting

Job Description:

Summary of Position:

A senior security professional who, as a lead or as a member of a team, helps clients implement business and technology solutions and conducts assessments in conformance with various regulations and standards. Also serves clients as a subject matter expert in general areas of security as well as Governance and Risk Compliance. Participates with sales members in seeking new clients and maintaining established clients. Contributes to the improvement of the security practice and mentors new team members.

  • Applies advanced subject matter knowledge to complex business issues and is regarded as a subject matter expert
  • Frequently contributes to the development of new ideas and methods
  • Works on complex problems / projects where analysis of situations or data requires an in-depth evaluation of multiple factors
  • Exercises significant independent judgment within broadly defined policies and practices to determine best method for accomplishing work and achieving objectives
  • Leads and / or provides expertise to functional project teams and may participate in cross-functional initiatives
  • May provide mentoring and guidance to lower level employees
  • Acts as an expert providing direction and guidance to process improvements and establishing policies
  • Frequently represents the organization to external customers/clients

Responsibilities and Duties:

  • Engages in peer-to-peer dialogue with clients about their industry and their situation
  • Opens new discussions and builds new opportunities with clients
  • Constructs the overall transformation roadmap for the client
  • Builds strong rapport with clients creating respect and trust
  • Opens new relationship opportunities within the client environment
  • Understands how to construct and gain agreement for business cases
  • Selects appropriate tools available to develop and validate business cases including lifetime costing
  • Shapes and influences client attitudes to outcomes and key benefits for both the client and HP
  • Plan and lead delivery of workshops and facilitated client events
  • Develop MOC work streams and lead the implementation of MOC activities acting as the change consultant for the client
  • Ability to propose solutions, addressing client business issues and objectives using a combination of DXC standardized and customized services
  • Shapes approach to identifying and managing risks and assumptions and for realizing benefits at a program level
  • Creates proposal describing the DXC solution and the associated value proposition, ensuring knowledge capture sessions are arranged and executed
  • Determine the required services and contributions for the practice and ensure there is a resource plan in place to meet these demands
  • Build relationships and alignment between other partners and groups within DXC
  • Assist the other practices and leadership in planning activities for the practices
  • Prepare to oversee the development, delivery and maintenance of business and technology solutions, to include the creation and/or update of policies, standards, procedures, and guidelines for clients
  • Working knowledge of Risk Management Frameworks
  • Good understanding of NIST, ISO 27000 series, FISMA, HIPAA, HITECH, COBIT, COSO, ITIL, PCI DSS
  • Clearly able to brief senior executives on threats in their current environment and industry
  • Remain up to date with the latest security threats and trends
  • Willing to travel up to 50%

Qualifications:

  • Bachelor's degree in Computer Science or related field
  • At least 5 years of experience in commercial or public sector
  • At least 5 years of experience as a GRC security consultant
  • Strong communication and presentation skills
  • Be a credible leader, manager and a strong team player
  • Relevant certifications, such as CISSP
  • US Driver's License

Work environment:

Remote work with up to 50% travel

Compensation at DXC is influenced by an array of factors, including but not limited to experience, job-related knowledge, skills, and competencies, as well as contract-specific affordability and organizational requirements. A reasonable estimate of the current compensation range for this position is $109,700 - $203,600.

Full-time hires are eligible to participate in the DXC benefit program. DXC offers a comprehensive, flexible, and competitive benefits program which includes, but is not limited to, health, dental, and vision insurance coverage; employee wellness; life and disability insurance; a retirement savings plan; paid holidays; and paid time off.

If you are an applicant from the United States, Guam, or Puerto Rico

DXC Technology is an Equal Opportunity/Affirmative Action employer. All qualified candidates will receive consideration for employment without regard to disability, protected veteran status, race, color, religious creed, national origin, citizenship, marital status, sex, sexual orientation/gender identity, age or genetic information. DXC's commitment to diversity and inclusive selection practices includes ensuring qualified long-term unemployed job seekers receive equal consideration for employment. View postings below.

We participate in E-Verify. In addition to the posters already identified, DXC provides access to prospective employees for the Federal Minimum Wage Poster, Federal Polygraph Protection Act Poster as well as any state or locality specific applicant posters. To access the postings in the link below, select your state to view all applicable federal, state and locality postings. Postings are available in English, and in Spanish, where required. View postings below.

Postings link

Disability Accommodations

If you are an individual with a disability, a disabled veteran, or a wounded warrior and you are unable or limited in your ability to access or use this site as a result of your disability, you may request a reasonable accommodation by contacting us via email.

Please note: DXC will respond only to requests for accommodations due to a disability.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers, typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks, and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor asks a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.