Manager of Governance, Risk, and Compliance; GRC

Manager of Governance, Risk, and Compliance (GRC)

Get AI-powered advice on this job and more exclusive features.

The Manager of Governance, Risk, and Compliance (GRC) will lead governance, risk, and compliance initiatives across the insurance software business unit, ensuring alignment with corporate cybersecurity standards, regulatory frameworks, and customer contractual obligations. This role bridges enterprise cybersecurity policy and SaaS-specific operations, overseeing risk management, control assurance, and audit readiness activities. The ideal candidate will have strong experience in commercial cloud security, risk assessment, and compliance (i.e., SOC 1 & 2, NIST, GDPR, ISO 27001, etc.),

and will collaborate with product, engineering, and operations teams to embed security governance and compliance into the software development and service delivery lifecycle.

• Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related field.

• 7+ years of progressive experience in cybersecurity and information technology, with a minimum of 3 years focused on GRC functions.
• Experience managing risk and compliance for commercial cloud-hosted environments (AWS, Azure, Google).
• Hands‑on experience with compliance frameworks such as: SSAE 18 (SOC 1 &
  2), ISO 27001/27701, NIST 800‑53, NIST CSF, CIS.
• Familiar with GDPR, CCPA and/or other data protection regulations.
• Proven ability to manage audits, compliance assessments, and evidence collection in a fast‑paced environment.
• Strong understanding of Dev Sec Ops , CI/CD pipelines, and shared responsibility models for software application security.
• Demonstrated experience with risk management tools (e.g., Archer, Service Now GRC, One Trust, Logic Gate).
• Excellent communication and stakeholder management skills across technical and executive audiences.

• CISM, CISA, CISSP, GSLC, or equivalent.
• Master’s degree or equivalent work experience.

At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in‑person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.

Equality Statement – If you are an applicant from the United States, Guam, or Puerto Rico, DXC Technology Company (DXC) is an Equal Opportunity employer. All qualified candidates will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, pregnancy, veteran status, genetic information, citizenship status, or any other basis prohibited by law.

We participate in E‑Verify and provide access to all required federal, state, and locality postings.

Disability Accommodations:
If you are an individual with a disability, a disabled veteran, or a wounded warrior and you are unable or limited in your ability to access or use this site as a result of your disability, you may request a reasonable accommodation by contacting us via email.

Please note:

DXC will respond only to requests for accommodations due to a disability.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. DXC does not make offers of employment via social media networks and never asks for any money or payments from applicants at any point in the recruitment process.

More information on employment scams is available here.