Security Consultant

Job Description:

About DXC Bulgaria  

We are DXC - a Fortune 500 global IT services leader. In Bulgaria, we are among the largest employers with over 4,000 employees working on the company's entire IT portfolio. We are flexible - we provide everything you need to comfortably work from home, but we also keep our offices open for collaboration, meetings, and building a strong team spirit. We tailor everyone’s development path to their individual interests through training and additional certifications.

Our experience and desire to grow, our mission, and our values ​​create an environment where ambitious people become successful at home. At home - in Bulgaria.

The Security Consultant will be responsible for drafting new policy or amending existing security policy and procedure sets for clients that regulatory and compliance requirements (Policy Development).  This person shall undertake assessment activity to identify gaps against well-known and client developed security standards (Gap Analysis). The consultant will be creating end-to-end risk management programs or perform risk assessment using well-known methodologies for risk identification. Develop risk remediation plan (Risk Assessment). Help in designing and implementing Information Security Management System aligned to regulatory and client security standards (ISMS).

​Daily challenges:

• Gap Analysis

• Policy Development

• Risk Assessment

• Setup Security Governance Models

• Security KPI Setup

• Auditing

• ISMS Implementation

• Security Plan Development

• Cyber Strategy

Experience and skills required:

• Fluent English (minimum C1 level)

• 7+ years of professional IT experience (with at least 4 years of professional experience on positions related to the security domain – GRC (Governance, Risk and Compliance), audit management and process management are preferred)

• Awareness of cyber-attack techniques and how protective monitoring systems can be used for detection, mitigation, remediation and protection

• Experience of Enterprise Risk Management methodologies/techniques development and implementation.

• Experience of risk analysis output’s implementation into Information Security processes

• Experience in working in project environment, ideally as task group or technical lead

• Very good communication and presentations skills including ability to present to executives

• Experience with interpreting and applying appropriate Standards, Policies and Legislation, (e.g. ISO27001, PCI DSS, COBIT, SOX, DPA, GDPR, NIST etc.) confirmed by respective certifications or relevant experience

• A keen interest in the latest security technologies.

• A wide awareness of Cyber Security and Cyber Threat Landscape

• Professional accreditations like CISA; CISM; ISO 27001; CISSP.

What’s in it for you?

At DXC Technology, we don’t just offer jobs - we build careers. Here’s what you can look forward to when you join us:

• Enjoy competitive compensation and grow your career in a fast-paced, international environment.

• Benefit from 24 days of paid vacation to rest, explore, and recharge - plus comprehensive medical and life insurance, and monthly food vouchers to support your lifestyle.

• Access premium learning platforms, get company-sponsored certifications, and grow your skills with continuous development opportunities tailored to you.

• Get recognized through our Employee Recognition Program - your contributions deserve the spotlight.

• Refer great talent through our Employee Referral Program and get rewarded for helping shape our future.

• Enjoy discounts and special offers with your employee badge - it pays to be part of the team.

• Access 24/7 support for you and your family, with a wide range of wellbeing resources to help you thrive.

• Join meaningful initiatives that give back to the community and connect you with like-minded colleagues through fun and impactful experiences.

We Deliver eXcellence for our Customers and colleagues every day. Our values form the foundation of everything we do and every decision we make.

If you feel comfortable with the above-mentioned requirements, please send us your CV in English. At DXC our employees’ safety and well-being remain a key priority for us. Therefore, we continue with stay-at-home recruiting and video interviewing for the foreseeable future.

Please note only shortlisted candidates will be contacted.

At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.