Industry/Sector
Not Applicable
Specialism
Cybersecurity & Privacy
Management Level
Associate
Job Description & Summary
At PwC, our people in risk and compliance focus on maintaining regulatory compliance and managing risks for clients, providing advice and solutions. They help organisations navigate complex regulatory landscapes and enhance their internal controls to mitigate risks effectively.
Technology Risk:
Manage and interpret cyber and technology regulatory requirements to ensure alignment with enterprise risk frameworks and support compliance with global and regional regulations.
Conduct cyber and technology compliance readiness assessments to evaluate organizational control posture and deliver clear reporting on gaps, risks and improvement opportunities.
Develop and maintain cyber and technology control frameworks, performing control mapping, testing and automation initiatives to strengthen control assurance and operational efficiency.
Regulatory:
Perform cyber and technology risk assessments, quantifying risk exposure and preparing structured, stakeholder-ready regulatory and governance reporting.
Execute regulatory gap assessments and design targeted playbooks and remediation plans that drive alignment with cyber, technology and regulatory expectations.
Support remediation efforts for regulatory findings and improve control environments for sustained compliance.
Develop regulatory reports and board-level dashboards providing visibility into cyber risk posture, technology controls, compliance metrics and emerging regulatory trends.
Compliance:
Design and implement 1LOD and 2LOD cyber and technology compliance programs, including governance structures, control frameworks and monitoring mechanisms.
Support technology implementation programs in collaboration with GRC functions, ensuring alignment to regulatory standards and compliance-by-design principles.
Manage cyber and technology regulatory responses, coordinating documentation, evidence and remediation efforts for regulatory inquiries and examinations.
Oversee compliance programs aligned to frameworks such as NIST, ISO 27001, PCI DSS, HIPAA, HITRUST and FFIEC, ensuring effective adoption and certification of readiness.
Perform end-to-end cyber and technology control testing to validate control effectiveness, identify weaknesses and recommend risk-based corrective actions.
Conduct internal and external control assessments to evaluate the adequacy and operational effectiveness of cybersecurity and technology control environments.
Lead cybersecurity and technology maturity assessments, benchmark current-state maturity, defining target maturity levels and recommending uplift strategies.
Execute information security assessments across policies, processes, controls and technologies to identify risks and improvement opportunities.
Support internal audit reviews of technology and cybersecurity functions, validating adherence to standards, policies and regulatory expectations.
Conduct readiness assessments for regulatory exams, certification audits and compliance initiatives to ensure organizational preparedness.
Policy and standard management include writing, reviewing, updating and managing lifecycle technology security risk and compliance with policies and control standards.
Minimum years experience required
2-5 Years
Possess working knowledge of AI/GenAI technologies, including understanding of AI risks, responsible AI principles and the ability to integrate AI-enabled solutions into technology risk, compliance and automation initiatives.
Strong understanding of cloud platforms and cloud security principles in modern enterprise environments.
The candidate should possess hands-on experience in at least two to three core skills within compliance and regulatory domains.
Excellent written and oral communication skills; can express thoughts clearly, know how to listen and is able to contribute to a team environment.
Must communicate consistently and drive objectives, relying on fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance.
Demonstrates proven extensive abilities with leveraging creative thinking and problem-solving skills, individual initiative and utilizing Office 365, MS Office (Word, Excel, Access, PowerPoint) and Google Docs.
Ability to create domain-specific training content and deliver training effectively.
Good presentation, project management, facilitation and delivery skills, as well as strong analytical and problem-solving capabilities.
Develop/implement automation solutions and capabilities that are clearly aligned to client business, technology and threat posture.
Demonstrates ability to track developments and changes in digital business and threat environments to ensure that they're adequately addressed in clients security strategy plans and architecture artifacts.
Good Knowledge and experience with GRC tools such as MetricStream, Open Pages, Archer and data analytics & visualization tools used in the Industry such as PowerBI, Alteryx and Tableau.
Professional & Educational Background
MCA / BE / B Tech / MS (Field of Study: Computer and Information Science Information Cybersecurity Information Technology Management Information Systems).
Certification(s) Preferred: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC).
Travel Requirements
Not Specified
Job Posting End Date
Required Experience:
IC
At PwC, our purpose is to build trust in society and solve important problems. We’re a network of firms in 155 countries with over 284,000 people who are committed to delivering quality in assurance, advisory and tax services. Find out more and tell us what matters to you by vis ...