Cybersecurity-Strategy Risk & Compliance- Associate 2-Bangalore

Bangalore (SDC) - Bagmane Tech Park

Applications have closed

PwC

We are a community of solvers combining human ingenuity, experience and technology innovation to help organisations build trust and deliver sustained outcomes.

View all jobs at PwC

Line of Service

Advisory

Industry/Sector

Not Applicable

Specialism

Cybersecurity & Privacy

Management Level

Associate

Job Description & Summary

A career in our Cybersecurity, Privacy and Forensics will provide you the opportunity to solve our clients most critical business and data protection related challenges. You will be part of a growing team driving strategic programs, data analytics, innovation, deals, cyber resilency, response, and technical implementation activities. You will have access to not only the top Cybersecurity, Privacy and Forensics professionals at PwC, but at our clients and industry analysts across the globe.

Our Regulatory Compliance team focuses on helping our clients understand their regulatory landscape on a domestic and global scale. You'll work with our clients aligning a number of different cyber, privacy and industry frameworks and requirements to their business. This includes, but is not limited to: NIST CSF, ITIL, HIPAA, PCI, FDA, FERC/NERC, OCC, FFIEC, ABAC, Cyber Executive Orders, etc. Our team designs, implements, and maintains an effective compliance program that helps our clients manage the risks against regulatory compliance obligations, as well as control framework commitments to their Board/stakeholders.

Our team also works with regulatory examiners, investigators, and industry leaders to continue to stay ahead of upcoming regulatory changes or enforcements. We help inform our clients on controls or requirements that require enhancements, and help with the compliance change management components driving new technical and business requirements out to their end users. You will be part of a team that not only assesses organizational compliance, but helps clients to strategically think through the best way to manage in a cost-effective, yet defensible manner.

To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be an authentic and inclusive leader, at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.

As an Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

  • Invite and provide evidence-based feedback in a timely and constructive manner.
  • Share and collaborate effectively with others.
  • Work with existing processes/systems whilst making constructive suggestions for improvements.
  • Validate data and analysis for accuracy and relevance.
  • Follow risk management and compliance procedures.
  • Keep up-to-date with technical developments for business area.
  • Communicate confidently in a clear, concise and articulate manner - verbally and in written form.
  • Seek opportunities to learn about other cultures and other parts of the business across the Network of PwC firms.
  • Uphold the firm's code of ethics and business conduct

Years of Experience 

  • 2-6 years of Information security industry experience and min 2+ relevant experience in Supplier/Vendor Risk Management, ISO 27001 and ISO22301 and maintaining compliance.

Position Requirements

  • Perform Third Party Risk Management, Supplier or Vendor Assessments.
  • Knowledge of and experience in crafting and operating governance, frameworks and processes to follow vendor management/third party risk management related regulatory mentorship.
  • Responsible for managing relationships with third parties that provide data services for Continuous Monitoring program, including closing findings, completing assessments, and attesting that ongoing management activities are conducted.
  • Activities include, but are not limited to assessing risk, conducting due diligence, and ensuring contractual service level agreements are met.
  • Assessing procedures and controls to ensure compliance with applicable enterprise standards.
  • Identification of issues, risks, opportunities and improvement of policies, processes, procedures and standards.
  • Raising risk findings with stakeholders and recording it per standardized requirements. Should be able to communicate key risk findings effectively.
  • Monitoring and maintaining Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) for appropriate escalation to stakeholders and Conducting trainings.
  • Good understanding of compliance standards/frameworks like ISO 27001/27002, NIST, COBIT, SOX, GLBA, SSAE16/SOC 2, etc. will be an advantage.
  • Excellent written and oral communication skills, can express thoughts clearly, knows how to listen and is able to contribute in a team environment.

Desired Knowledge

  • Third party Risk management ( TPRM ), Supplier/vendor risk assessment and compliance, audit, or risk management experience required.
  • Excellent leadership, teamwork and collaboration skills.
  • Ability to quickly acquire and utilize knowledge on new technologies and solutions, emerging threats and vulnerabilities.

Desired Skills

  • Excellent written and oral communication skills, can express thoughts clearly, knows how to listen and is able to contribute in a team environment.
  • Results oriented, high energy, self-motivated.

Professional and Educational Background

  • MCA / BE / B Tech
  • Certification(s) Preferred: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC)

Additional Information

Travel Requirements: Not Applicable

  • Line of Service: Advisory
  • Industry: Consulting

Location: Bangalore      

Professional and Educational Background
• Bachelor's Degree Preferred.

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required:

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Not Specified

Available for Work Visa Sponsorship?

No

Government Clearance Required?

No

Job Posting End Date

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  0  0  0
Category: Compliance Jobs

Tags: Analytics CISA CISM CISSP Clearance Clearance Required COBIT Compliance CRISC Data Analytics FFIEC Forensics GLBA Governance HIPAA ISO 22301 ISO 27001 ITIL KPIs Monitoring NIST Privacy Risk assessment Risk management SOC SOC 2 SOX Strategy Vendor management Vulnerabilities

Perks/benefits: Career development Transparency

Region: Asia/Pacific
Country: India

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.