Advisor Security Compliance-3

**Advisor Risk and Audit Management**:
Our Security team is comprised of security professionals with a broad background in business information security management and industry certification and assurances supporting DXC’s Outsourced Clients.

DXC Audit Management Scope includes the different types of Audits such as, Internal, External and Regulatory Audits, which are bound to DXC/client Delivery Model, Policies, Activities, Tool Solutions, Governance and Reporting structures. DXC scope additionally includes DXC internal/external audits & Regulatory activities impacting this account.

**Key responsibilities**
- Audit/Regulatory (Supervisory) Requests & Response (Use Cases)
- Audit/Regulatory Issues or Findings Management
- Regulatory Update Reporting
- Facilitating appropriate protocol between DXC and client (scope, contractual guidance, etc.)
- Acting as SPOC for audit and regulatory requests from client
- Engaging with DXC Account Team (RPMs/CCLs)
- Collecting and delivering requested information
- Managing and ensuring deliverables are logged to the repository
- Supporting on site visits
- Tracking the remediation of findings
- Providing status reporting and escalation
- Maintaining awareness of regulatory updates and ensuring continuous education to account staff

**Position skills when hiring**:

- Facilitating appropriate audit protocol between
DXC and client
- Acting as SPOC for audit and regulatory requests
from client
- Escalating and Engaging with DXC Account Teams
- Managing and ensuring deliverables are logged.
- Supporting DC inspections, restricted document viewing redacted document copy process arrangements
- Overseeing all IHD handover deliverables
- Providing status reporting and escalation
- Quality gate for requested information & evidence
- Maintaining awareness of regulatory updates
- Ensuring continuous education to account staff
- Delivery of SOC1 and OSPAR audit requirements
- Coordinate with HR, Physical security, real estate groups to comply with Client Control requirements.
- Single point of contact with the Client on Audit, Security and compliance requirements.
- Building and maintaining the client relationship
- Knowledge and awareness of relevant security compliance procedures and certifications
- Contribute to security services growth

**Mandatory Skills must include**:

- Experience working with ISO 27001, SOX & the Privacy Act standards and regulations for organizations size of 500+people
- Experience working with SOC1, SOC2 and OSPAR regulatory assessments
- Ability to assess and audit operational, management, and technical security controls against a standard and to assess risk
- Experience supporting 3rd-party audit activities
- Excellent and effective communication skills at all levels of management (customer and within DXC)
- Capable of engaging with client global compliance officers, audit teams and compliance leadership.
- Lead audit engagements with external auditors and regulators.
- Face into our delivery organizations and drive audit actions/closures
- Draft audit responses - action plans and management summaries.
- Liaise with DXC leadership team to escalate audit findings and remediation.
- Mid-level Regulatory compliance knowledge - be able to understand Financial Services and interpret changing/evolving regulatory requirements.
- Promote the awareness and understanding of good operational InfoSec risk practices
- Experience in conducting the information security awareness training programs (DXC and third parties)
- Experience in designing the information security policy and procedure development, management, and compliance assessment reports

**Education & Experience**
- Typically, 10 - 12+ years of experience with at least 8 years in the field of Information Security
- Preferred Certifications: CISA or CISM, ISO 27001 LA