Job Description :
The Third Party Risk Management Cyber Security Manager is responsible for managing security risks associated with all third parties including clients, vendor / suppliers, partners and others.
The role will establish and continually improve the third party risk management program by building business partnerships internal to DXC with the information assurance / OCIO, sales / sales support and account management team, supply chain, legal, privacy and other business functions.
The role conducts risk assessments for DXC suppliers / vendors, responds to client due diligence and post contract questionnaires, negotiates Data Network and Security Schedule and Client Master Services Agreements from a security perspective.
The role will also be responsible for service management of one of the offerings under the third party risk management team.
Detail responsibilities :
Provide and review responses to client security information requests, ensuring promptness and accuracy while enabling Sales pursuit teams to demonstrate DXC’s industry-
leading security program and its commitment to protecting / securing the confidentiality, integrity, and availability of client, internal, and third party information.
Ensure client security audit or information requests are answered accurately, with sufficient level of detail to assure the Client our security programs are mature and are providing comprehensive digital protection to their business.
Consult and contribute to sales contract process by reviewing and providing guidance on compliance, data privacy and security terms.
Provide redlines on Client security terms and guide Legal and Sales teams on risk levels of various contract requirements.
Review Client deals and provide security risk data. The risk analysis will identify security risks associated with Client proposed deals.
Perform Data Network and Security Schedule subject matter expertise support in order to establish acceptable and prohibited uses of our confidential data by Third Parties.
Perform supplier Security Risk Assessments to enable the business to make informed decisions about security risks associated with a particular
Act as the service manager for one of the TPRM services moving the service through the maturity model
Create and generate monthly reporting statistics
Perform other duties as assignment by management
Required education :
Bachelor s degree in a technology discipline or equivalent experience
Basic technical requirements :
5+ years of Cyber Security or Risk Management relevant experience
Security certification such as CRM, CRISC, CTPRP CISSP, CISM or relevant experience
Ability to build, manage and improve the security programs identified, specifically the third party risk management assigned using the identified CMM standards
Working knowledge of the appropriate security standards and frameworks including ISO, AICPA SOC, NIST, and other standards as they are identified
Familiarity with industry standard tools to manage work load (ServiceNow, SharePoint)
Basic skills (non-technical)
Project management skills and ability to manage multiple tasks and project simultaneously
Strong communication skills, advanced English
Excel reporting skills
Skills including being analytical with attention to detail and long periods of focused attention and sitting, ability to prioritize, troubleshooting
Ability to perform effective third party risk assessments and the ability to respond to third party risk assessment in a timely manner
Strong written skills to produce security feedback on contracts that are easy to understand for each defined audience
DXC Technology is the world’s leading independent, end-to-end IT services company, helping clients harness the power of innovation to thrive on change.
Created by the merger of CSC and the Enterprise Services business of Hewlett Packard Enterprise, DXC Technology serves nearly 6,000 private and public sector clients across 70 countries.
The company’s technology independence, global talent and extensive partner alliance combine to deliver powerful next-generation IT services and solutions.
DXC is recognized among the best corporate citizens globally.