Security Vulnerability Lead

Company

DXC Technology

Location

United Kingdom

Posted At

9/10/2025

Disclaimer: Hunt UK Visa Sponsors aggregates job listings from publicly available sources, such as search engines, to assist with your job hunting. We do not claim affiliation with DXC Technology. For the most up-to-date job details, please visit the official website by clicking "Apply Now."

Description

Job Description

Job Title: Security Vulnerability Lead

Location: Hybrid London or Newcastle, UK

DXC’s Insurance Software and BPS business provides a range of software and services to the global insurance market including life, wealth, health, commercial and speciality, property and casualty, and reinsurance. DXC is also a key partner of the London Market, providing digital transformation and outsourcing services.

DXC’s insurance business has 13,000 domain experts serving 2,000 insurance customers operating in over 100 countries worldwide.

Role Overview

This is a dedicated account-level role responsible for leading vulnerability management across both heritage and digital IT estates within the London Markets account. The successful candidate will be tasked with rebuilding the vulnerability management program from the ground up, ensuring robust coverage, effective remediation coordination, and continuous improvement.

Key Responsibilities

Strategic Leadership

Refresh and redesign the vulnerability management framework for the account
Define success criteria and establish KPIs for vulnerability management effectiveness
Lead continual improvement initiatives and manage the program roadmap

Operational Oversight

Oversee vulnerability identification, assessment, and reporting across the estate
Ensure vulnerability scanning tools are properly configured, integrated, and provide adequate coverage
Maintain and publish regular reports on vulnerability status, trends, and aged backlog

Remediation Coordination

Collaborate closely with the Remediation Manager to drive timely resolution of vulnerabilities
Address aged vulnerabilities and align remediation efforts with business priorities
Review vulnerabilities accepted as risk and re-evaluate remediation opportunities

Governance and Compliance

Develop and maintain vulnerability management policies, standards, and procedures
Support internal and external audits with documentation and evidence
Ensure alignment with regulatory requirements and industry best practices

Stakeholder Engagement

Act as the central point of contact for vulnerability-related issues
Educate stakeholders on risks, remediation strategies, and tool usage
Provide executive-level summaries and technical reports to leadership

Key Challenges

Establishing a baseline for tool functionality and coverage across legacy and modern platforms
Producing a clear management view of vulnerabilities by component (OS, DB, middleware, etc.)
Coordinating across delivery teams and technical owners to ensure accountability and progress
Implementing a vulnerability matrix to track patching schedules, ownership, and compliance

Educational & Professional Requirements

Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field
Preferred: Master’s degree or relevant certifications (e.g., CISSP, CISM, CRISC, GIAC)
Experience in vulnerability management or related security domains
Proven experience managing teams and driving security improvement programs

Desirable Skills

Strong understanding of vulnerability scanning tools (e.g., Qualys, Prisma Cloud, AWS GuardDuty)
Familiarity with patch management processes and SLAs
Excellent communication and stakeholder management skills
Analytical mindset with ability to prioritize risks and align with business impact

What We Can Offer You

Competitive Compensation & Pension Scheme – Rewarding your expertise while securing your future
Comprehensive Benefits Package – Including DXC Select, Perks at Work, and incentive programs for exclusive savings and rewards
Continuous Learning & Development – Access to upskilling opportunities, career growth resources, and industry-leading training
Lifestyle Perks – Enjoy options like the Salary Sacrifice Car Scheme and more

At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.