• Developing and managing the AVC information security management contractual framework in alignment with the ISO 27001 standard
• Developing and implementing the AVC ISO 27001 compliant Information Security Management System (ISMS) and global account security plan in alignment with the Allianz Group information security and AVC contractual framework
• Providing the contracted security services
• Introducing, establishing, and chairing the AVC security governance board with Allianz for all aspects of information security, IT risk, and data privacy management within the AVC service agreements
• Coordinating and facilitating collaboration with Allianz stakeholders from information security, compliance assurance, and contract management across Europe, America, and Asia-Pacific
• Continuously assessing and ensuring compliance of DXC service provisioning with the contractual information security and data privacy obligations
• Conducting annual security awareness campaigns for all DXC account personnel
• Providing security and contractual advice to DXC bid teams and account senior leadership team for new RfPs from Allianz and AVC service prolongations
• Leading the global AVC security team with security engineers and security managers from Germany, Spain, Bulgaria, India, and Philippines

Baseline Security Assessment

Tailoring design of contracted security services to accommodate to client requirements

Integrating contracted security services' infrastructure, software, and management processes into the client?s data centers, networks, and IT service management framework

Guiding technical architects and subject matter experts

• Assessment of client security posture incl. security remediation plan
• Development and documentation of security concept
• Development and enforcement of security awareness and data privacy trainings
• Knowledge transfer and hand-over of client Anti-Malware operations and management to remote DXC team in Asturias
• Definition, development, and implementation of Security Key Performance Indicators (KPIs) and Security Reporting
• Establishment of the security governance between ERGO and DXC 

• Representing DXC Cyber to the account on all matters of information security and compliance
• Interpreting and adhering to contractual obligations with regards to information security, security service provisioning, compliance assurance, and audits
• Reviewing and approving from a security point of view all provided solutions delivered to the customer
• Defining, maintaining, and improving security processes and security metrics in collaboration with client IT and security managers
• Providing Managed Security Services such as Security Information and Event Management (SIEM), Vulnerability Assessment, Technical Compliance, and Entitlement Reporting Services through an offshore account security team
• Providing Network Intrusion Detection and Prevention and Managed Encryption Services through leveraged America-based Security Services team
• Providing Disaster Recovery Services for the client?s core business applications
• Instructing and overseeing security compliance of other service centers as they deliver to the customer, e.g., Anti-Malware Protection, Security Patching, Firewall Ruleset Management
• Supporting the Service Delivery Executive on security service delivery and security operational matters, and advising the Account General Manager on security and compliance matters affecting the account
• Meeting the contractually agreed security key performance indicators (KPIs)
• Managing security incidents
• Managing external security vendors, security hard- and software procurements, licenses, and vendor support
• Leading and managing a global team with security engineers and security and compliance managers in Canada, India, the UK, and the US