Match score not available

Security Consultant

extra holidays - extra parental leave - fully flexible
Remote: 
Full Remote
Contract: 
Experience: 
Senior (5-10 years)
Work from: 

Offer summary

Qualifications:

Fluent English (minimum C1 level), 7+ years of professional IT experience, Awareness of cyber-attack techniques, Experience in risk management methodologies/techniques, Professional certifications like CISA, CISM, ISO 27001, CISSP.

Key responsabilities:

  • Drafting new or amending existing security policies
  • Undertaking gap analysis and risk assessments
  • Developing end-to-end risk management programs
  • Assisting in designing and implementing ISMS
  • Setup security governance models and KPIs
DXC Technology  logo
DXC Technology Information Technology & Services Large http://www.dxc.com/
10001 Employees
See more DXC Technology offers

Job description

Job Description:

About DXC Bulgaria  

We are DXC - a Fortune 500 global IT services leader. In Bulgaria, we are among the largest employers with over 4,000 employees working on the company's entire IT portfolio. We are flexible - we provide everything you need to comfortably work from home, but we also keep our offices open for collaboration, meetings, and building a strong team spirit. We tailor everyone’s development path to their individual interests through training and additional certifications.

Our experience and desire to grow, our mission, and our values ​​create an environment where ambitious people become successful at home. At home - in Bulgaria.

The Security Consultant will be responsible for drafting new policy or amending existing security policy and procedure sets for clients that regulatory and compliance requirements (Policy Development).  This person shall undertake assessment activity to identify gaps against well-known and client developed security standards (Gap Analysis). The consultant will be creating end-to-end risk management programs or perform risk assessment using well-known methodologies for risk identification. Develop risk remediation plan (Risk Assessment). Help in designing and implementing Information Security Management System aligned to regulatory and client security standards (ISMS).

Daily challenges:

  • Gap Analysis
  • Policy Development
  • Risk Assessment
  • Setup Security Governance Models
  • Security KPI Setup
  • Auditing
  • ISMS Implementation
  • Security Plan Development
  • Cyber Strategy

eXperience and skills required

  • Fluent English (minimum C1 level)
  • 7+ years of professional IT experience (with at least 4 years of professional experience on positions related to the security domain – GRC (Governance, Risk and Compliance), audit management and process management are preferred)
  • Awareness of cyber-attack techniques and how protective monitoring systems can be used for detection, mitigation, remediation and protection
  • Experience of Enterprise Risk Management methodologies/techniques development and implementation.
  • Experience of risk analysis output’s implementation into Information Security processes
  • Experience in working in project environment, ideally as task group or technical lead
  • Very good communication and presentations skills including ability to present to executives
  • Experience with interpreting and applying appropriate Standards, Policies and Legislation, (e.g. ISO27001, PCI DSS, COBIT, SOX, DPA, GDPR, NIST etc.) confirmed by respective certifications or relevant experience
  • A keen interest in the latest security technologies.
  • A wide awareness of Cyber Security and Cyber Threat Landscape
  • Professional accreditations like CISA; CISM; ISO 27001; CISSP.

Company benefits

  • Competitive remuneration package
  • Additional Medical & Life insurance
  • 4 days additional paid leave (total: 24 days)
  • The possibility to work entirely remotely
  • Food vouchers
  • Training, continuous learning and career development in the largest IT company on the market
  • Unlimited access courses from a bunch of external partners for the best learner's experience (e.g., LinkedIn Learning, Udemy)
  • Access to a foreign language learning platform
  • Stable employment in an international company
  • Advancement opportunities within the organization (a variety of interesting projects with the array of technologies and tools)
  • Flexibility in work arrangement (hybrid or fully remote work, the home office culture is in our DNA)
  • Workplace equipment to organize your home office (e.g., chair, desk, additional monitor, headset etc.)
  • DXC Partner courses and certifications (Microsoft, SAP, ServiceNow, AWS, Google, Dell Technologies, IBM, Micro Focus, Salesforce, Red Hat, VMware, Workday)
  • Employee Referral Program - a financial bonus for the referrer for successful candidate recommendation
  • Employee Recognition Program with points assigned by colleagues for the recognized employees (exchangeable for prizes)
  • Employee Assistance Program (providing 24/7 support for employees and their families in difficult life situations)
  • Opportunity to join our numerous charity and ecology-related events organized by our Employee Ambassadors team


We Deliver eXcellence for our Customers and colleagues every day. Our values form the foundation of everything we do and every decision we make.

If you feel comfortable with the above-mentioned requirements, please send us your CV in English. At DXC our employees’ safety and well-being remain a key priority for us. Therefore, we continue with stay-at-home recruiting and video interviewing for the foreseeable future.

Please note only shortlisted candidates will be contacted.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.

Required profile

Experience

Level of experience: Senior (5-10 years)
Industry :
Information Technology & Services
Spoken language(s):
English
Check out the description to know which languages are mandatory.

Other Skills

  • Presentations
  • Verbal Communication Skills
  • Teamwork

Cybersecurity Consultant Related jobs