Job Description:

DXC Technology helps global companies run their mission-critical systems and operations while modernizing IT, optimizing data architectures, and ensuring security and scalability across public, private, and hybrid clouds. The world’s largest companies and public sector organizations trust DXC to deploy services across the Enterprise Technology Stack to drive new performance levels, competitiveness, and customer experience. Learn more about how we deliver excellence for our customers and colleagues at DXC.com.

DXC’s Global Cyber Security team continues to evolve the maturity of our overall cyber security risk management capabilities and promote a risk-aware culture across the company. DXC’s goal is to enable a more comprehensive risk view that will enable the company to better secure its technology landscape and manage the investments that it is making in risk mitigation. We are looking for an experienced Third Party Risk Manager who will work across the enterprise to elevate our third-party risk management program to enable this change.

About The Role:

The Cyber Security Third Party Risk Manager will work daily with the Supply Chain and our Business to assess vendors against cyber controls and ensure DXC is informed of vendors lacking cyber discipline and protected from engaging in high-risk relationships.  We are looking for an individual enthusiastic to cultivate and build on our existing process, leveraging our tooling and AI.  An individual who can establish a vision and rally a team around this vision.  The candidate must be effective at communicating with various levels of IT leadership and work collaboratively across a matrixed organization.

WHAT YOU WILL DO

• Manage and facilitate the overall cyber risk assessment function for third-party vendors
• Own the process to conduct cyber risk assessments on vendors, manage risks related to those assessments, and respond to client requests about DXC’s cyber posture
• Continuously monitor third-party vendors for changes in posture and adverse alerts
• Track and mitigate risks that result from third-party assessments
• Collaborate with Supply Chain and Legal to continually streamline and mature the third-party cyber risk assessment process
• Maintain process alignment with the NIST Cybersecurity Framework
• Contribute to the documentation of policy and standards changes related to third-party risk
• Be our cybersecurity subject matter expert for third-party risk
• Provide reporting metrics that tell the story of third-party risk from a cyber perspective and use these metrics to inform and drive improvements to the process
• Manage a team of risk analysts to carry out the service, provide guidance, and cultivate their individual growth
• Educate and increase awareness of information security policies and best practices.
• Deliver strong written and presentation skills to senior leaders regarding the global risk profile.

WHO YOU ARE

• 5+ years of relevant experience desired
• Minimum 3 years of experience conducting third-party risk assessments using risk and control frameworks, including ISO, NIST, or other industry standards
• Proven experience in cybersecurity management roles
• IT Security, technology, or other relevant certifications are a plus

• Must be legally authorized to work in the United States without requiring sponsorship now or in the future.

• Strong communication and business relationship skills
• Delivery-focused mindset that will be able to work in a fast-paced environment with shifting priorities. 
• Ability to organize and execute projects to drive process improvements
• Knowledge of a wide variety of information security concepts, services, and technologies
• Ability to present and discuss IT security strategy and business decisions with senior management
• Maintain a solid understanding of cyber risk, controls mapping, and business processes
• Able to act independently when making technical or business decisions
• Knowledge of information security best practices, regulatory concerns, and security standards

Work Environment

• If you live within 40 km (25 miles) of a DXC office, you are expected to work onsite at least two days per week.

Joining DXC connects you to brilliant people who embrace change and seize opportunities to advance their careers and amplify customer success. At DXC we support each other and work as a team — globally and locally. Our achievements demonstrate how we deliver excellence for our customers and colleagues. You will be joining a team that works to create a culture of learning, diversity, and inclusion, and is dedicated to strong ethics and corporate citizenship.

Compensation at DXC is influenced by an array of factors, including but not limited to the experience, job-related knowledge, skills, competencies, as well as contract-specific affordability and organizational requirements. A reasonable estimate of the current compensation range for this position is $115,100 – $213,700.

Full-time hires are eligible to participate in the DXC benefit program.  DXC offers a comprehensive, flexible, and competitive benefits program which includes, but is not limited to, health, dental, and vision insurance coverage; employee wellness; life and disability insurance; a retirement savings plan, paid holidays, paid time off.

At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.

If you are an applicant from the United States, Guam, or Puerto Rico

DXC Technology Company (DXC) is an Equal Opportunity employer. All qualified candidates will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, pregnancy, veteran status, genetic information, citizenship status, or any other basis prohibited by law. View postings below.

We participate in E-Verify. In addition to the posters already identified, DXC provides access to prospective employees for the Federal Minimum Wage Poster, Federal Polygraph Protection Act Poster as well as any state or locality specific applicant posters. To access the postings in the link below, select your state to view all applicable federal, state and locality postings. Postings are available in English, and in Spanish, where required. View postings below.

Postings Link

Disability Accommodations

If you are an individual with a disability, a disabled veteran, or a wounded warrior and you are unable or limited in your ability to access or use this site as a result of your disability, you may request a reasonable accommodation by contacting us via email.

Please note: DXC will respond only to requests for accommodations due to a disability.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.