Security Officer / Consultant
DXC Technology Company
Taipei, Taipei City , Taiwan

Job Description :

Account Security Officer is the account's security interface to the client at governance, delivery and specific operational levels.

The ASO is accountable for managing the delivery of security services from MSS and governing security controls delivered by other DXC Capability teams.

You will be working with chief security and compliance officers and senior technology and business management to understand customer business priorities and security needs, and to influence the development / alignment of security strategy.

Assisting in creating strategy roadmap, the ASO is expected to assess, recommend and drive the implementation of security solutions that effectively support client business objectives in infrastructure and information risk management.

This is a senior level role that requires to interact with and influence C-level personnel such as CISOs and CIOs within client organizations, as well as to support account and delivery organizations in attaining organizational security goals and revenue targets.

You must be able to demonstrate industry expertise and how this translates into secure operational services for clients, and develop security solutions that promote growth of the security footprint within the assigned client.

The ASO is to :

  • Develop a deep relationship with the client based on trust, delivery and execution in order to drive service excellence and ultimately sales.
  • Develop a thorough understanding of the client's business and IT Risk Management strategies; and deliver GCC services accordingly.
  • Ensure that DXC capabilities are provided maximum opportunity to support account expansion goals.
  • Maintain a close relationship with the account team, and support them in their dealings with the client.
  • Strive to become a 'Trusted Advisor' to the client, either providing expert technical advice themselves, or bringing in subject matter experts where appropriate from both within and outside DXC.
  • Have a thorough understanding of all the commercial aspects of the Security business within the account.
  • Provide input to the client's security strategy and technical roadmap.
  • In the security governance role the Security Officer should be aware of important operational issues including security compliance, and be the escalation point for significant security events, problems and incidents.
  • Account Security

  • Responsible for delivery of account Security Compliance by the DXC Account Team
  • Organisation, scheduling, attendance tracking of the account Security Governance board.
  • Ensure delivery of; agenda, minutes, account security risk and compliance register, remediation plans, account risk register
  • Review of client security policy - gap analysis, contractual deliverables, security awareness
  • Security Awareness training to DXC Lines of Service
  • Provide required reporting; Account Scorecard, Security Risk and Compliance register, Security Controls Report - monthly, security services report (summary) monthly
  • Meet weekly with the Account Executive / Account Manager / Service Executive - formal document discussions and actions
  • Deliver SLA reporting for Security Services
  • Work with MSS to ensure DXC security obligations are met
  • Develop account level security business plan to address overall strategy
  • Monthly finance reporting for security service line
  • Maintain an account handbook (and other account specific base documents) which describe the Security Officers engagement points with the client and identifies security interfaces across DXC's account team.
  • Contribute to the Security Officer community and attend collaboration meetings.
  • Meeting with Security leadership team to provide update on Security service within the account
  • Governance, Risk and Compliance (GRC)

  • Provide the Client a single point of contact for security matters related to DXC's Services
  • Be the security relationship manager for the client for all GRC related issues.
  • Review and ensure delivery of the monthly Security Risk and Security compliance report produced by the analyst
  • Consolidates from operational groups and delivers monthly security services operational reporting
  • Review and approve security changes on the account.
  • Chair client report review meetings.
  • Maintain the Security Incident Response Program - Incident Management Plan
  • Meet at least weekly with the client. One formal meeting documented with meeting minutes and actions.
  • Organise quarterly presentations to bring security innovation to the client - leverage DXC's Global IP, community and industry (ie.
  • SMEs, CTO, vendor, Security Lead, Director, etc.)

    Challenges of position :

  • The challenges of this position are inherent in the delivery of outsourcing services to clients, and may include;
  • Large, complex, diverse information system environment
  • Interpretation of complex, dated or irrelevant client security policy
  • Lack of security policy, security framework or poor interpretations relevant standards and regulations.
  • Accountability (real or perceived) for security delivery in other delivery groups. Quasi federated" structure
  • Client requires a broad appreciation and understanding of business, IT risk and security strategy
  • Challenging and complex client management environment
  • Security treated by client and account team as an "add on" and a cost to deliver a service rather than an inherent part of it.

  • Minimum 7 years professional experience in discipline in the realm of Information Security
  • Balance of technical security knowledge and GRC experience
  • Senior practitioner level experience with security environments
  • Ability to work independently and manage multiple projects and task demands effectively
  • Experience in auditing, interpreting and implementing security policy
  • Ability to work successfully and constructively within a team of diverse stakeholders, business and technical
  • Outstanding interpersonal skills
  • Business acumen
  • Strong analytical an conceptual design skills
  • Expert writing and communications skills
  • CISSP,CISM preferred, but may be substituted with equivalent technical credentials and experience
  • Ability to deal with complex problems, matrix management and ambiguity
  • Bachelors or Masters Degree, preferably in technical discipline or field (engineering, computer science, etc). Equivalent technical work experience may be considered as a substitute for university degree
  • Security management in the appropriate industry
  • Experience in working in a matrix environment, and ability to direct and influence others without being their line manager
  • 申請
    通過點擊“持續”,我允許neuvoo同意處理我的數據並向我發送電子郵件提醒,詳見neuvoo的 隱私政策 。我可以隨時撤回我的同意或退訂。