DXC Technology Inc.
Job Description: Information Security Officer Location: UK Full-Time - Remote Velonetic represents the joint ventures between DXC Technology, the International Underwriting Association (IUA), and Lloyd's of London. Previously referred to as the London Market Joint Ventures, we have been operating for over 20 years in the London Market (Lloyd's and Company), in both insurance and reinsurance business. Processing over £117 billion worth of premium and claims transactions today, we are building a new digital platform and services that will enable our customers to move transactions and money through the processing lifecycle with greater efficiency and speed, releasing time to drive innovation and focus on higher value activities.As the Information Security Officer, you will be the Security point of contact for IT operations, responsible for the supporting and communicating the importance of compliance and governance of the security strategy, roadmap and policies that are in alignment with the organization's overall security objectives. Responsibilities Identify, assess, and prioritize security vulnerabilities, ensuring effective remediation plans are in place and executed. Lead investigations into information security breaches, ensuring proper reporting and communication with senior management during incidents. Work with the Security Incident Response Coordination Centre (SIRCC) to address and mitigate security incidents, ensuring proportionate remediation of information breaches. Work closely with the CISO to ensure the security strategy aligns with broader organisational objectives, whilst also meeting information privacy and protection regulations (e.g., GDPR). Monitor and review security policies, standards, and procedures focused on protecting information across all environments, ensuring alignment with business and IT priorities. Own and manage all information security risks, performing risk assessments specific to storage, processing, and transfer. Conduct periodic audits of information security controls to ensure compliance with internal policies and external regulations. Ensure that information security requirements are incorporated into all phases of technology systems, from design through deployment. Coordinate with third-party security vendors to conduct vulnerability assessments, penetration tests, and security audits focused on information protection. Stay current on emerging information security trends, threats, and technologies, recommending updates to security measures as needed. Establish and maintain a strong information security posture, continuously monitoring the effectiveness of controls and processes. Regularly evaluate the organization's information security safeguards, ensuring they provide robust protection against evolving threats and information-related risks. Monitor software development teams to ensure secure information handling throughout the software development lifecycle (SDLC), ensuring security is embedded processing systems and applications Qualifications & Experience Ideally, a degree in computer science, Information Systems, Engineering, or a related field. Holding any of the following qualifications would be an added advantage: CISSP, CCSP, GIAC Cloud security certifications. Proven experience in a security management capacity, particularly in information-rich industries (e.g., Software, Financial Services). Proven track record of securing cloud-based services, ensuring scalability, performance, and reliability. Expertise in a wide range of security domains: access controls, network security, cloud security, application security, secure software design, security testing, and vulnerability remediation, and incident management. Experience in cloud computing architectures, common technologies (e.g., AWS security tools). Good understanding of NIST security controls frameworks, risk assessment, and risk management. Familiarity with service control frameworks such as SOC 1 and 2. Knowledge of threat modelling and risk management practices. Strong project management skills with experience leading cross-functional teams in large, complex security projects. Investment In Training and Development We offer a comprehensive range of training and career development opportunities, a structured induction programme, tailored job training as well as mentoring and support for relevant sponsored professional qualifications. We're developing an environment where people can grow and harness their careers and skills to be the best that they can be to focus on the long term. Our Culture Here at Velonetic we support with care and compassion. We are constantly evolving our initiatives around equality, diversity, and inclusion to ensure that everyone feels equally involved and supported in the workplace no matter of who they are or what they do. We are proud of the culture we are creating to ensure that our commitment is ongoing and have a diverse mix of employees working within an inclusive environment and culture to create a high performing workforce led by talented leaders. We aspire to be recognised for our innovative and modern thinking approach. Employee Benefits As part of our competitive remuneration package, flexible benefits are available. There isan option to "flex up and down" on specific benefits, for example buy or sell annual leave, Private Medical Benefit, Dental and Travel Insurance.You will also have access to 'Perks at Work', a discount store to purchase gift cards at reduced rates and get discounts on holidays, restaurants, activities, groceries and more.DXC Recruitment Team will be engaging with all candidate applications on behalf of Velonetic.DXC will be managing the recruitment throughout the onboarding process.At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We're committed to fostering an inclusive environment where everyone can thrive.Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available . DXC Technology (NYSE: DXC) helps global companies run their mission-critical systems and operations while modernizing IT, optimizing data architectures, and ensuring security and scalability across public, private and hybrid clouds. The world's largest companies and public sector organizations trust DXC to deploy services to drive new levels of performance, competitiveness, and customer experience across their IT estates. Learn more about how we deliver excellence for our customers and colleagues at .
Job Description: Information Security Officer Location: UK Full-Time - Remote Velonetic represents the joint ventures between DXC Technology, the International Underwriting Association (IUA), and Lloyd's of London. Previously referred to as the London Market Joint Ventures, we have been operating for over 20 years in the London Market (Lloyd's and Company), in both insurance and reinsurance business. Processing over £117 billion worth of premium and claims transactions today, we are building a new digital platform and services that will enable our customers to move transactions and money through the processing lifecycle with greater efficiency and speed, releasing time to drive innovation and focus on higher value activities.As the Information Security Officer, you will be the Security point of contact for IT operations, responsible for the supporting and communicating the importance of compliance and governance of the security strategy, roadmap and policies that are in alignment with the organization's overall security objectives. Responsibilities Identify, assess, and prioritize security vulnerabilities, ensuring effective remediation plans are in place and executed. Lead investigations into information security breaches, ensuring proper reporting and communication with senior management during incidents. Work with the Security Incident Response Coordination Centre (SIRCC) to address and mitigate security incidents, ensuring proportionate remediation of information breaches. Work closely with the CISO to ensure the security strategy aligns with broader organisational objectives, whilst also meeting information privacy and protection regulations (e.g., GDPR). Monitor and review security policies, standards, and procedures focused on protecting information across all environments, ensuring alignment with business and IT priorities. Own and manage all information security risks, performing risk assessments specific to storage, processing, and transfer. Conduct periodic audits of information security controls to ensure compliance with internal policies and external regulations. Ensure that information security requirements are incorporated into all phases of technology systems, from design through deployment. Coordinate with third-party security vendors to conduct vulnerability assessments, penetration tests, and security audits focused on information protection. Stay current on emerging information security trends, threats, and technologies, recommending updates to security measures as needed. Establish and maintain a strong information security posture, continuously monitoring the effectiveness of controls and processes. Regularly evaluate the organization's information security safeguards, ensuring they provide robust protection against evolving threats and information-related risks. Monitor software development teams to ensure secure information handling throughout the software development lifecycle (SDLC), ensuring security is embedded processing systems and applications Qualifications & Experience Ideally, a degree in computer science, Information Systems, Engineering, or a related field. Holding any of the following qualifications would be an added advantage: CISSP, CCSP, GIAC Cloud security certifications. Proven experience in a security management capacity, particularly in information-rich industries (e.g., Software, Financial Services). Proven track record of securing cloud-based services, ensuring scalability, performance, and reliability. Expertise in a wide range of security domains: access controls, network security, cloud security, application security, secure software design, security testing, and vulnerability remediation, and incident management. Experience in cloud computing architectures, common technologies (e.g., AWS security tools). Good understanding of NIST security controls frameworks, risk assessment, and risk management. Familiarity with service control frameworks such as SOC 1 and 2. Knowledge of threat modelling and risk management practices. Strong project management skills with experience leading cross-functional teams in large, complex security projects. Investment In Training and Development We offer a comprehensive range of training and career development opportunities, a structured induction programme, tailored job training as well as mentoring and support for relevant sponsored professional qualifications. We're developing an environment where people can grow and harness their careers and skills to be the best that they can be to focus on the long term. Our Culture Here at Velonetic we support with care and compassion. We are constantly evolving our initiatives around equality, diversity, and inclusion to ensure that everyone feels equally involved and supported in the workplace no matter of who they are or what they do. We are proud of the culture we are creating to ensure that our commitment is ongoing and have a diverse mix of employees working within an inclusive environment and culture to create a high performing workforce led by talented leaders. We aspire to be recognised for our innovative and modern thinking approach. Employee Benefits As part of our competitive remuneration package, flexible benefits are available. There isan option to "flex up and down" on specific benefits, for example buy or sell annual leave, Private Medical Benefit, Dental and Travel Insurance.You will also have access to 'Perks at Work', a discount store to purchase gift cards at reduced rates and get discounts on holidays, restaurants, activities, groceries and more.DXC Recruitment Team will be engaging with all candidate applications on behalf of Velonetic.DXC will be managing the recruitment throughout the onboarding process.At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We're committed to fostering an inclusive environment where everyone can thrive.Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available . DXC Technology (NYSE: DXC) helps global companies run their mission-critical systems and operations while modernizing IT, optimizing data architectures, and ensuring security and scalability across public, private and hybrid clouds. The world's largest companies and public sector organizations trust DXC to deploy services to drive new levels of performance, competitiveness, and customer experience across their IT estates. Learn more about how we deliver excellence for our customers and colleagues at .
Deloitte LLP
Greenwich, London
Overview Do you want to be at the heart of some of the biggest and most ambitious programmes undertaken to keep our country safe? We are proud of the impact we have with Defence and Security clients, the strength of our relationships, and the variety of our skills and expertise that we bring to help them achieve their mission. We're growing our team. If you are cleared to SC or DV level, we are very keen to hear from you. Connect to your career at Deloitte Deloitte drives progress. Using our vast range of expertise, we help our clients become leaders wherever they choose to compete. To do this, we invest in outstanding people. We build teams of future thinkers, with diverse talents and backgrounds, and empower them all to reach for and achieve more. What brings us all together at Deloitte? It's how we approach the thousands of decisions we make everyday. How we behave, our beliefs and our attitudes. In other words: our values. Whatever we do, wherever we are in the world, we lead the way, serve with integrity, take care of each other, foster inclusion, and collaborate for measurable impact. These five shared values lead every decision we make and action we take, guiding us to deliver impact how and where it matters most. Connect to your opportunity Our projects vary greatly and your responsibility as a consultant will differ based on the focus of the client engagement and your skillset, but could include and may require you to: Assist in the design, implementation, and maintenance of IAM solutions, including integration with other systems and applications. Support the development and enforcement of IAM policies and procedures. Participate in access control and identity management activities. Supporting the monitoring and analysis of access management systems, including investigation and resolution of issues. Participating in IAM-related audits and compliance activities. Supporting the documentation of IAM processes and procedures. Assisting in the development and delivery of IAM training and awareness programmes. Collaborating with cross-functional teams to ensure effective IAM implementation and operation. Stay up to date with emerging security threats, technologies, and industry best practices, and provide recommendations for improvement. Communicate solutions to both a technical and non-technical audience. Qualifications and professional experience All applicants must have UK security clearance to Security Check (SC) or Developed Vetting (DV) level. We recognise our strength is in the diversity of our teams experience, background and culture. We are looking for talented individuals who are passionate about the work they do, prepared to think differently, are pragmatic and able to work with others to influence outcomes. We value those who aren't afraid to challenge the status-quo to help us improve. We deliver value to our clients, colleagues, and community in the way we plan, deliver, and reflect on our work, as a team. Diversity of thought is equally important to us and we are looking for applicants from all backgrounds. If you have experience in some of the areas we are looking for but aren't yet an expert in your field, that's fine. You must have some hands-on technical experience, but we are looking for team members who are at the early stages of their career who also want to grow and learn more. We will provide further training in Cloud Security, Vulnerability Management, Agile Security methodology and more, so you gain hands-on experience in areas you are not yet experienced in in a safe environment with empathetic and supportive feedback. Candidates will be able demonstrate relevant knowledge & experience through a combination of qualifications and evidence of work history such as: Certifications in IAM technologies such as CIAM or equivalent. Experience with SAML, OAuth and OpenID Connect. Practices, including securing cloud-based infrastructure and services. Experience working in or with Government organisations, including the handling of assets subject to the Government Security Classification Policy. Secure by Design, JSP 440. Connect to your business - Technology and Transformation Distinctive thinking, deep expertise, innovation and collaborative working. That's what connects us. That's what makes us Deloitte. If you want to help solve some of the biggest tech and transformational challenges around, join us. Together, we'll make an impact that matters. Cyber The modern world is more complex than ever before, and we are navigating an ever-changing landscape. We help clients to operate with resilience and grow with confidence to secure success and minimise risk. Personal independence Regulation and controls are standard practice in our industry and Deloitte is no exception. These controls provide important legal protection for both you and the firm. We are subject to a number of audit regulations, one of which requires that certain colleagues abide by specific personal independence constraints. The recruitment team will provide further detail as you progress through the recruitment process or you can contact the Independence team upon request. Connect with your colleagues "Join Deloitte and you'll be guiding major clients to their best technology and process decisions. You'll work at the cutting edge, with some of the finest minds in this field, and be able to take your career in any direction." "At Deloitte, is collaboration that sets us apart. Our scale and structure mean you can draw on all kinds of expertise from across our entire global business and behave as a true business partner for your clients." Our hybrid working policy You'll be based in Bristol or London with hybrid working. At Deloitte we understand the importance of balancing your career alongside your home life. That's why we'll support you to work flexibly through our hybrid working policy. Depending on the requirements of your role, you'll have the opportunity to work in your local office, virtual collaboration spaces, client sites and remotely. You'll get the chance to meet face to face when needed, while you collaborate and learn from colleagues, share your experiences, and build the relationships that will fuel your career and prioritise your wellbeing. Please check with your recruiter for the specific working requirements that may apply for your role. Our commitment to you Making an impact is more than just what we do: it's why we're here. So we work hard to create an environment where you can experience a purpose you believe in, the freedom to be you, and the capacity to go further than ever before. We want you. The true you. Your own strengths, perspective and personality. So we're nurturing a culture where everyone belongs, feels supported and heard, and is empowered to make a valuable, personal contribution. You can be sure we'll take your wellbeing seriously, too. Because it's only when you're comfortable and at your best that you can make the kind of impact you, and we, live for. Your expertise is our capability, so we'll make sure it never stops growing. Whether it's from the complex work you do, or the people you collaborate with, you'll learn every day. Through world-class development, you'll gain invaluable technical and personal skills. Whatever your level, you'll learn how to lead. Connect to your next step A career at Deloitte is an opportunity to develop in any direction you choose. Join us and you'll experience a purpose you can believe in and an impact you can see. You'll be free to bring your true self to work every day. And you'll never stop growing, whatever your level. Discover more reasons to connect with us, our people and purpose-driven culture at deloitte.co.uk/careers
Overview Do you want to be at the heart of some of the biggest and most ambitious programmes undertaken to keep our country safe? We are proud of the impact we have with Defence and Security clients, the strength of our relationships, and the variety of our skills and expertise that we bring to help them achieve their mission. We're growing our team. If you are cleared to SC or DV level, we are very keen to hear from you. Connect to your career at Deloitte Deloitte drives progress. Using our vast range of expertise, we help our clients become leaders wherever they choose to compete. To do this, we invest in outstanding people. We build teams of future thinkers, with diverse talents and backgrounds, and empower them all to reach for and achieve more. What brings us all together at Deloitte? It's how we approach the thousands of decisions we make everyday. How we behave, our beliefs and our attitudes. In other words: our values. Whatever we do, wherever we are in the world, we lead the way, serve with integrity, take care of each other, foster inclusion, and collaborate for measurable impact. These five shared values lead every decision we make and action we take, guiding us to deliver impact how and where it matters most. Connect to your opportunity Our projects vary greatly and your responsibility as a consultant will differ based on the focus of the client engagement and your skillset, but could include and may require you to: Assist in the design, implementation, and maintenance of IAM solutions, including integration with other systems and applications. Support the development and enforcement of IAM policies and procedures. Participate in access control and identity management activities. Supporting the monitoring and analysis of access management systems, including investigation and resolution of issues. Participating in IAM-related audits and compliance activities. Supporting the documentation of IAM processes and procedures. Assisting in the development and delivery of IAM training and awareness programmes. Collaborating with cross-functional teams to ensure effective IAM implementation and operation. Stay up to date with emerging security threats, technologies, and industry best practices, and provide recommendations for improvement. Communicate solutions to both a technical and non-technical audience. Qualifications and professional experience All applicants must have UK security clearance to Security Check (SC) or Developed Vetting (DV) level. We recognise our strength is in the diversity of our teams experience, background and culture. We are looking for talented individuals who are passionate about the work they do, prepared to think differently, are pragmatic and able to work with others to influence outcomes. We value those who aren't afraid to challenge the status-quo to help us improve. We deliver value to our clients, colleagues, and community in the way we plan, deliver, and reflect on our work, as a team. Diversity of thought is equally important to us and we are looking for applicants from all backgrounds. If you have experience in some of the areas we are looking for but aren't yet an expert in your field, that's fine. You must have some hands-on technical experience, but we are looking for team members who are at the early stages of their career who also want to grow and learn more. We will provide further training in Cloud Security, Vulnerability Management, Agile Security methodology and more, so you gain hands-on experience in areas you are not yet experienced in in a safe environment with empathetic and supportive feedback. Candidates will be able demonstrate relevant knowledge & experience through a combination of qualifications and evidence of work history such as: Certifications in IAM technologies such as CIAM or equivalent. Experience with SAML, OAuth and OpenID Connect. Practices, including securing cloud-based infrastructure and services. Experience working in or with Government organisations, including the handling of assets subject to the Government Security Classification Policy. Secure by Design, JSP 440. Connect to your business - Technology and Transformation Distinctive thinking, deep expertise, innovation and collaborative working. That's what connects us. That's what makes us Deloitte. If you want to help solve some of the biggest tech and transformational challenges around, join us. Together, we'll make an impact that matters. Cyber The modern world is more complex than ever before, and we are navigating an ever-changing landscape. We help clients to operate with resilience and grow with confidence to secure success and minimise risk. Personal independence Regulation and controls are standard practice in our industry and Deloitte is no exception. These controls provide important legal protection for both you and the firm. We are subject to a number of audit regulations, one of which requires that certain colleagues abide by specific personal independence constraints. The recruitment team will provide further detail as you progress through the recruitment process or you can contact the Independence team upon request. Connect with your colleagues "Join Deloitte and you'll be guiding major clients to their best technology and process decisions. You'll work at the cutting edge, with some of the finest minds in this field, and be able to take your career in any direction." "At Deloitte, is collaboration that sets us apart. Our scale and structure mean you can draw on all kinds of expertise from across our entire global business and behave as a true business partner for your clients." Our hybrid working policy You'll be based in Bristol or London with hybrid working. At Deloitte we understand the importance of balancing your career alongside your home life. That's why we'll support you to work flexibly through our hybrid working policy. Depending on the requirements of your role, you'll have the opportunity to work in your local office, virtual collaboration spaces, client sites and remotely. You'll get the chance to meet face to face when needed, while you collaborate and learn from colleagues, share your experiences, and build the relationships that will fuel your career and prioritise your wellbeing. Please check with your recruiter for the specific working requirements that may apply for your role. Our commitment to you Making an impact is more than just what we do: it's why we're here. So we work hard to create an environment where you can experience a purpose you believe in, the freedom to be you, and the capacity to go further than ever before. We want you. The true you. Your own strengths, perspective and personality. So we're nurturing a culture where everyone belongs, feels supported and heard, and is empowered to make a valuable, personal contribution. You can be sure we'll take your wellbeing seriously, too. Because it's only when you're comfortable and at your best that you can make the kind of impact you, and we, live for. Your expertise is our capability, so we'll make sure it never stops growing. Whether it's from the complex work you do, or the people you collaborate with, you'll learn every day. Through world-class development, you'll gain invaluable technical and personal skills. Whatever your level, you'll learn how to lead. Connect to your next step A career at Deloitte is an opportunity to develop in any direction you choose. Join us and you'll experience a purpose you can believe in and an impact you can see. You'll be free to bring your true self to work every day. And you'll never stop growing, whatever your level. Discover more reasons to connect with us, our people and purpose-driven culture at deloitte.co.uk/careers
