Job Description: Key Responsibilities Product Strategy & Vision

• Drive strategy and execution for regulatory and cyber risk management offerings, delivering differentiated value propositions for clients.

• Monitor evolving regulatory changes, industry certifications, frameworks (NIST, PCI, GDPR, SOX), and anticipated threats to develop innovative, adaptive solutions.

• Seek investments in automation, analytics, and third-party integrations that create defensible, scalable compliance value.

Modular, Scalable Architecture

• Design modular compliance and risk management components that integrate with partner technologies and client environments.

• Ensure architecture supports automated controls, audit-readiness, and dynamic reporting.

Product Lifecycle Management

• Oversee end-to-end lifecycle for Risk & Compliance products—ideation, launch, enhancement, sunsetting, and EOL—with a focus on continuous alignment to new regulations and client requirements.

• Drive operationalization of compliance workflows, documentation, and process audits.

Training & Enablement

• Develop enablement assets such as regulatory evidence templates, control catalogs, and audit playbooks.

• Deliver internal and partner training aligned with industry and regional standards.

Cross-Functional Collaboration

• Collaborate closely with engineering, delivery, legal/compliance, and customer success to ensure audit readiness and continuous assurance.

• Support sales and pre-sales to differentiate solutions and address client RFPs with compliance value propositions.

Market Research & Service Design

• Analyze market dynamics, regulatory updates, and client feedback to identify capability opportunities and compliance gaps.

• Segment requirements for verticals (Public Sector/US Federal, critical infrastructure, finance, healthcare) to build differentiated GTM strategies.

Operations & Service Delivery

• Guide operational service design for compliance assessments, managed risk, and GRC monitoring.

• Integrate tools to ensure seamless evidence capture, streamlined audits, and risk reduction for clients.

Customer Experience & Adoption

• Define end-to-end customer compliance journey—scoping, onboarding, ongoing assurance, and remediation.

• Lead Voice of the Customer (VoC) initiatives to capture feedback for continuous product refinement.

Partner Ecosystem & Innovation

• Identify and manage alliances with GRC vendors, regulatory tech partners, insurance, and audit firms.

• Drive joint innovations and integrations to expand offering capabilities and customer value.

Product Marketing & GTM

• Develop positioning, messaging, and competitive strategy for compliance solutions.

• Equip sales with client artifacts, case studies, and value differentiation content.

Reporting Structure

This role reports directly to the Product Line Leader for Cybersecurity Solutions and works cross-functionally with architecture, delivery, legal, sales, and customer success teams.

Core Technical Skills

• In-depth knowledge of GRC platforms, controls, and regulatory ecosystems (NIST CSF, PCI DSS, ISO 27001, SOX, GDPR, etc.).

• Experience with risk quantification, automated control monitoring, evidence collection, and audit operations.

• Product management expertise—vision, roadmap, lifecycle for compliance-focused offerings.

Analytical & Business Skills

• Data analytics for risk scoring, continuous control monitoring, and compliance with KPIs.

• Pricing, margin analysis, and business case development for compliance solutions.

• Strong business writing and executive communication for audit and regulatory stakeholders.

Cross-Functional Leadership

• Proven ability to coordinate legal, engineering, and client teams through compliance change cycles.

• Exceptional presentation and influence skills for client/prospect engagements.

• Customer-centric attitude—adapting to regulatory urgency and high-stakes remediation scenarios.

Soft Skills/Personal Attributes

• Strategic thinking, balancing regulatory priorities, and business value.

• Adaptable to shifting regulatory, client, and threat landscapes.

• Resilient and detail-oriented under compliance deadlines and audit cycles.

• Commitment to continual learning in evolving risk and compliance fields.

At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.

If you are an applicant from the United States, Guam, or Puerto Rico

DXC Technology Company (DXC) is an Equal Opportunity employer. All qualified candidates will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, pregnancy, veteran status, genetic information, citizenship status, or any other basis prohibited by law. View postings below .

We participate in E-Verify. In addition to the posters already identified, DXC provides access to prospective employees for the Federal Minimum Wage Poster, Federal Polygraph Protection Act Poster as well as any state or locality specific applicant posters. To access the postings in the link below, select your state to view all applicable federal, state and locality postings. Postings are available in English, and in Spanish, where required. View postings below.

Postings Link

Disability Accommodations

If you are an individual with a disability, a disabled veteran, or a wounded warrior and you are unable or limited in your ability to access or use this site as a result of your disability, you may request a reasonable accommodation by contacting us via email.

Please note: DXC will respond only to requests for accommodations due to a disability.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.