IN-Senior AssociateCompliance ManagementSecurity testingAdvisoryChennai
IN-Senior AssociateCompliance ManagementSecurity testingAdvisoryChennai
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Line of Service
AdvisoryIndustry/Sector
Not ApplicableSpecialism
RiskManagement Level
Senior AssociateJob Description & Summary
At PwC our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities develop secure systems and provide proactive solutions to safeguard sensitive data.In threat intelligence and vulnerability management at PwC you will focus on identifying and analysing potential threats to an organisations security as well as managing vulnerabilities to prevent cyber attacks. You will play a crucial role in safeguarding sensitive information and enabling the resilience of digital infrastructure.
*Why PWC
At PwC we believe in providing equal employment opportunities without any discrimination on the grounds of gender ethnic background age disability marital status sexual orientation pregnancy gender identity or expression religion or other beliefs perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firms growth. To enable this we have zero tolerance for any discrimination and harassment based on the above considerations.
Job Description & Summary: Indepth knowledge and handson experience in VAPT including: Web Application Vulnerability Assessment & Penetration Testing Mobile Application Vulnerability Assessment & Penetration Testing API and Network Penetration Testing Cloud Security Network Security SOC Monitoring and Incident management.
Responsibilities:
- Conduct Risk Assessment
- Create Compliance Framework
- Review/ create Policies and Procedures
- Conduct/ manage Training and Awareness content
- Compliance metrics and tracking
- Maintain Project Progress updates
- Manage Phishing Assessments
- Review Disciplinary process
- Helping in defining Security Strategy
- Perform Quarterly Reviews
- Manage Security Certifications
- Advise on technology solutions and Architecture
- Reporting to Board Steering Committee Digital and Technology Committee
- Coordinate Business Impact Analysis
- Review/ coordinate Business Continuity
- Develop a comprehensive thirdparty risk management program
- Manage vendor/supplier/third party due diligence process including ongoing monitoring
- Develop and maintain relationships with vendors/suppliers/third parties to ensure compliance with corporate information security policies and standards
- Develop processes to respond to incidents involving vendors/suppliers/third parties
- Stay current on emerging threats trends best practices industry standards regulations etc.
- Manage and develop Vendor onboarding process
- Manage NDA and BGV
- Conduct Privacy Risk Assessment (PRAs
- Support to implement Privacy By Design
- Manage Data Subject Rights
- Drafting/updating policies and procedures under the companys data privacy framework
- Managing records of processing activities
Mandatory skill sets:
GRC
- Strong understanding of security frameworks and standards such as ISO 27001 NIST etc.
- Experience of performing assessment using NIST CSF ISO 27 NIST 80053. Implementation and/or assurance experience with IT governance frameworks (e.g. COBIT NIST ISO)
- Experience working with regulatory requirements SEBI & RBI guidelines and frameworks etc.
- Strong knowledge of IT infrastructure application security and data protection strategies.
- Detailoriented with a focus on compliance and process improvement.
- Experience in coordinating and overseeing internal/external audits and vulnerability assessments (VAPT) to address findings and improve security posture.
- Identify assess and manage security risks integrating them into the enterprise risk management program.
- Experience in conducting comprehensive thirdparty security assessments to mitigate risks associated with external vendors
- Monitor and report on key risk indicators (KRIs) and metrics to ensure proactive identification and escalation of risks.
Preferred skill sets:
- Strong organizational teamwork multitasking & time management skills.
- Outstanding communication abilities. Ability to effectively communicate the required recommendations.
Years of experience required:
- 4 Years
Education qualification:
- Minimum Qualification: BE/ BTech
Education (if blank degree and/or field of study not specified)
Degrees/Field of Study required: Bachelor of EngineeringDegrees/Field of Study preferred:Certifications (if blank certifications not specified)
Required Skills
Governance Risk and Compliance PlatformOptional Skills
Accepting Feedback Accepting Feedback Active Listening Analytical Thinking Cloud Security Communication Conducting Research Creativity Cyber Defense Cyber Threat Intelligence Embracing Change Emotional Regulation Empathy Encryption Inclusion Information Security Intellectual Curiosity Intelligence Analysis Intelligence Report Intrusion Detection Intrusion Detection System (IDS) IT Operations Learning Agility Malware Analysis Malware Detection Tools 16 moreDesired Languages (If blank desired languages not specified)
Travel Requirements
Not SpecifiedAvailable for Work Visa Sponsorship
NoGovernment Clearance Required
NoJob Posting End Date
Required Experience:
Senior IC
Employment Type
Full-Time
