SRCCyber Strategy
SRCCyber Strategy
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Line of Service
AdvisoryIndustry/Sector
Not ApplicableSpecialism
Cybersecurity & PrivacyManagement Level
Senior AssociateJob Description & Summary
At PwC our people in risk and compliance focus on maintaining regulatory compliance and managing risks for clients providing advice and solutions. They help organisations navigate complex regulatory landscapes and enhance their internal controls to mitigate risks effectively.As a risk management generalist at PwC you will provide advisory and practical support to teams across a wide range of specialist risk and compliance areas.
Focused on relationships you are building meaningful client connections and learning how to manage and inspire others. Navigating increasingly complex situations you are growing your personal brand deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients and to deliver quality. Embracing increased ambiguity you are comfortable when the path forward isnt clear you ask questions and you use these moments as opportunities to grow.
Examples of the skills knowledge and experiences you need to lead and deliver value at this level include but are not limited to:
- Respond effectively to the diverse perspectives needs and feelings of others.
- Use a broad range of tools methodologies and techniques to generate new ideas and solve problems.
- Use critical thinking to break down complex concepts.
- Understand the broader objectives of your project or role and how your work fits into the overall strategy.
- Develop a deeper understanding of the business context and how it is changing.
- Use reflection to develop self awareness enhance strengths and address development areas.
- Interpret data to inform insights and recommendations.
- Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance) the Firms code of conduct and independence requirements.
As a Senior Associate you will be aligned to our Strategy Risk & Compliance team which is focused on helping clients with their cybersecurity risk compliance and governance efforts. You will be working as a part of the Risk & compliance team which is responsible for helping clients and organizations identify risks and create mitigation plans. You will work as part of a team of problem solvers helping to solve complex business issues from strategy to .
Position Requirements
Collaborate with clients to assess cybersecurity strategies and maturity develop aligned roadmaps and guide integration into business processes and digital transformation.
Assessments experience: Maturity assessment Audit readiness planning and framework assessment cloud migration requirements business case development comparisons and vendor evaluation.
Frameworks experience: Design framework program objectives first/second/third line of defense vision and mission statements current state assessment and gap analysis roadmap planning and estimation for the program program governance and target operating model for NIST PCIDSS HIPAA HITRUST FFIEC ISO FedReg FedRAMP COBIT etc. and vendor evaluation.
Must have handson experience and proficiency in creating writing and maintaining cybersecurity standards and policies. Assessing the maturity of clients current cybersecurity program and identifying areas for improvement.
Develop presentations and reports to communicate cybersecurity strategies to client leadership and support the engagement team in planning and executing multidomain cybersecurity initiatives.
Stay informed about emerging cybersecurity technologies threats and best practices conduct research on industry trends and regulatory changes affecting cybersecurity and advise on the adoption of cybersecurity frameworks and tools (e.g. NIST ISO COBIT) that align with clients needs.
Stay informed about emerging cybersecurity technologies threats and best practices conduct research on industry trends and regulatory changes affecting cybersecurity and advise on the adoption of cybersecurity frameworks and tools (e.g. NIST ISO COBIT) that align with clients needs.
Good understanding of Legal Regulatory and Privacy requirements to integrate within the Cybersecurity Program.
Good understanding of various components of an enterprise Cybersecurity program including governance structures Risk and Threat Management key controls key processes Security architecture and Security training program
Recommending Cybersecurity action plans for organizations to achieve their overall cybersecurity objective
Good Knowledge and experience with GRC tools such as MetricStream Open Pages Archer and data analytics & visualization tools used in the industry such as PowerBI Alteryx and Tableau.
Experience in partnering with various functions within the Cybersecurity organization to capture and document the services and associated core processes work instructions and templates.
Analyze the security posture of the organizations by assessing the design and implementation of security controls.
Strong understanding of Cybersecurity and Risk Control frameworks and their adoption in the Supplier management domain.
Desired Knowledge
Excellent written and oral communication skills presentation skills strong analytical and problemsolving skills can express thoughts clearly knows how to listen and is able to contribute to a team environment.
Must communicate consistently and drive objectives relying on factbased decisions about risk that optimize the tradeoff between risk mitigation and business performance.
Demonstrates proven extensive abilities with leveraging creative thinking and problemsolving skills individual initiative and utilizing Office 365 MS Office (Word Excel Access PowerPoint) and Google Docs.
Assessing or implementing cybersecurity processes and governance and experience in working independently or as part of a large team to deliver cybersecurity services on its own or within large complex projects.
Knowledge in cloud security network security and endpoint protection combined with proficiency in utilizing threat intelligence and developing effective incident response practices to anticipate identify mitigate and swiftly recover from potential cyber threats.
Develop/implement automation solutions and capabilities that are clearly aligned to client business technology and threat posture.
Professional & Educational Background
MCA / BE / B Tech / MS (Field of Study: Computer and Information Science Information Cybersecurity Information Technology Management Information Systems).
Certification(s) Preferred: Certified Information Systems Auditor (CISA) Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) Certified in Risk and Information Systems Control (CRISC ISO 27001 and other relevant cybersecurity certifications.
Additional Information
Travel Requirements: Not Applicable
Line of Service: Advisory
Industry: Consulting
Must be ready to work onsite fulltime (timings will be 2 pm or sooner until 11 pm IST)
Minimum Years of Experience
4 8 years
Education (if blank degree and/or field of study not specified)
Degrees/Field of Study required:Degrees/Field of Study preferred:Certifications (if blank certifications not specified)
Required Skills
Optional Skills
Accepting Feedback Accepting Feedback Active Listening Analytical Thinking AntiMoney Laundering (AML) Coaching and Training Communication Compliance Advisement Compliance Oversight Compliance Program Implementation Compliance Risk Assessment Confidential Information Handling Contract Review Contractual Risk Mitigation Contractual Risk Monitoring Contract Writing Creativity Crisis Management Data Loss Prevention (DLP) Data Security Discretion and Business Ethics Embracing Change Emotional Regulation Empathy Financial Risk Management 32 moreDesired Languages (If blank desired languages not specified)
Travel Requirements
Not SpecifiedAvailable for Work Visa Sponsorship
NoGovernment Clearance Required
NoJob Posting End Date
Employment Type
Full-Time
