Europe-IT-Security-ID640-DevApp Security Specialist-JL09

Job Description:

DXC is looking for a Senior Cybersecurity Governance Expert to lead the implementation, monitoring, and evolution of cybersecurity governance strategies, ensuring compliance with applicable regulations and industry standards.

Key Responsibilities

• Define, implement, and continuously improve the Cybersecurity Governance framework aligned with industry standards (e.g., NIST, ISO/IEC 27001, COBIT).

• Coordinate cyber risk assessments and contribute to the development of mitigation strategies.

• Ensure compliance with relevant regulations and standards (e.g., GDPR, DORA, NIS2, SOX, PCI-DSS).

• Draft, update, and maintain cybersecurity policies, standards, and procedures.

• Support internal and external IT and cybersecurity audits.

• Promote a security-aware culture through training and awareness initiatives.

• Monitor the evolving regulatory and threat landscape and advise on strategic adjustments.

• Provide regular reporting and updates to senior management and governance bodies.

Requirements:

• In-depth knowledge of major security frameworks and standards (e.g., ISO 27001, NIST CSF, CIS Controls)

• Proven experience with GRC frameworks and risk management methodologies

• Familiarity with risk assessment tools and control management

• Ability to interpret regulations and translate them into operational requirements

• Experience in audit and compliance activities

Soft Skills:

• Strong leadership and cross-functional collaboration skills

• Excellent communication abilities, including with non-technical stakeholders

• Strategic mindset with strong problem-solving orientation

• Detail-oriented and results-driven

Location: Rome with smart working possibility

LI-DNI

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.