SRC Cyber Strategy and ResilienceAssociate
Share
Job Location:
Monthly Salary:
Posted on:
Yesterday
Vacancies:
1 Vacancy
Job Summary
Industry/Sector
Not ApplicableSpecialism
Cybersecurity & PrivacyManagement Level
AssociateJob Description & Summary
At PwC our people in risk and compliance focus on maintaining regulatory compliance and managing risks for clients providing advice and solutions. They help organisations navigate complex regulatory landscapes and enhance their internal controls to mitigate risks effectively.In regulatory risk compliance at PwC you will focus on confirming adherence to regulatory requirements and mitigating risks for clients. You will provide guidance on compliance strategies and help clients navigate complex regulatory landscapes.
Experience supporting cybersecurity strategy development including helping analyze organizational priorities assess strategic risks and contribute to multi-year transformation or resilience roadmaps.
Experience supporting cybersecurity maturity assessments audit readiness efforts and framework evaluations (e.g. NIST CSFNIST 800-53 CISISO 27001) including developing analysis evidence summaries and assessment documentation.
Experience contributing to current-state reviewsidentifyinginitial control or capability gaps and supporting the development of strategic security roadmaps and prioritized recommendations.
Ability to synthesize assessment findings into clear structured deliverablessuch as risksobservations gap summaries or executive-ready insightsto support strategic decision-making.
Conduct threat modeling analysis using established frameworks (e.g. MITRE ATT&CK STRIDE)identifypotential attack paths or capability gaps and incorporate insights into assessments recommendations and resilience planning.
Ability tointerpretand assessEnterprise Security ArchitectureInfrastructure ConfigurationsSaaS PaaS APIsNetworkdesigns data flow maps cloud architecture layoutsetc.
Experienceassistingwith cloud security assessments including reviewing baseline security compliance and
configuration requirements across AWS Azure or GCP environments.
Understandingofbusiness continuity disaster recovery operational resilience and incident response concepts (e.g. BCP DRBIARTO/RPO) with the ability to support planning and documentation activities.
Familiarity with resilience and incident response standards such as ISO 22301 NIST SP 800-61 and regulatory expectations like DORA with the ability to apply them in guided assessments or resilience uplift initiatives.
Ability to draft refine or update cybersecurity policies standards and procedures under the direction of senior team members ensuring alignment with leading practices and business needs.
Experience using GenAI/LLM tools to streamline GRC tasks such as compliance reporting evidence analysis document reviews and assessment preparation.
Familiarity with AI governance principles and emerging frameworks (e.g. NIST AI RMF ISO 42001) with the ability to support basic assessments or control mapping activities.
Conceptual understanding of vulnerability management threat intelligence and incident response workflows with exposure to security operations technologies (SIEM IDS/IPS EDR/XDR) and how they support detection response and resilience.
ProficiencywithMicrosoft365 and Microsoft Office Suite (Word Excel Access PowerPoint)
Desired Knowledge
Familiarity with cyber defense technologies such as SIEM SOAR and EDR/XDR platforms.
Familiarity with security operations including vulnerability management incident handling cyber threat intelligence and proactive threat hunting.
Conceptual understanding of secure software development; exposure to application security basics such as OWASP Top 10.
Experience supporting application security reviews or toolsenabledSAST/DAST/SCA analysisis a plus.
Ability to keep up with evolving cybersecurity and digital trends and connect them to business or security impacts.
Strong analytical and problem-solving ability with willingness to learn complex security concepts over time.
Strong verbal and written communication skills with the ability to summarize findings clearly and collaborate effectively with team members.
Ability to work both independently (withindefined guidance) and as part of a larger security or GRC project team.
Organized detail-oriented and able to support multiple workstreams withappropriate prioritization.
Demonstrates curiosity willingness to learn and openness to developing deeper technical or governanceexpertiseover time.
Professional & Educational Background
MCA / BE / B Tech / MS (Field of Study: Computer and Information Science Information Cybersecurity Information Technology Management Information Systems).
Certification(s) Preferred: Certified Information Systems Auditor (CISA) Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) Certified inRiskand Information Systems Control (CRISC)
Travel Requirements
Not SpecifiedJob Posting End Date
Required Experience:
IC
Key Skills
- Marketing
- Data Visualization
- Tableau
- Customer Segmentation
- Microsoft Powerpoint
- Investment Banking
- Strategic Planning
- Financial Modeling
- Customer relationship management
- Management Consulting
- Google Suite
- Analytics
About Company
At PwC, our purpose is to build trust in society and solve important problems. We’re a network of firms in 155 countries with over 284,000 people who are committed to delivering quality in assurance, advisory and tax services. Find out more and tell us what matters to you by vis ... View more
