Internal Firm Services - Information Technology - Quality, Risk & Compliance Manager- Bangalore

Line of Service

Internal Firm Services

Industry/Sector

Not Applicable

Specialism

IFS - Information Technology (IT)

Management Level

Manager

Job Description & Summary

A career in Information Technology, within Internal Firm Services, will provide you with the opportunity to support our core business functions by deploying applications that enable our people to work more efficiently and deliver the highest levels of service to our clients. You’ll focus on managing the design and implementation of technology infrastructure within PwC, developing and enhancing both client and internal facing applications within PwC, and providing technology tools that help create a competitive advantage for the Firm to drive strategic business growth.

Our Information Technology Quality team manages Information Technology operational processes, including configurations, change management, and incident management and provides oversight to third party suppliers that deliver services for Information Technology operations.

To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.

As a Manager, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

• Develop new skills outside of comfort zone.
• Act to resolve issues which prevent the team working effectively.
• Coach others, recognise their strengths, and encourage them to take ownership of their personal development.
• Analyse complex ideas or proposals and build a range of meaningful recommendations.
• Use multiple sources of information including broader stakeholder views to develop solutions and recommendations.
• Address sub-standard work or work that does not meet firm's/client's expectations.
• Use data and insights to inform conclusions and support decision-making.
• Develop a point of view on key global trends, and how they impact clients.
• Manage a variety of viewpoints to build consensus and create positive outcomes for all parties.
• Simplify complex messages, highlighting and summarising key points.
• Uphold the firm's code of ethics and business conduct.

Job Description: ACs in India- Technology-QRC -Manager-Risk & compliance

Job Title: QRC - Manager-Risk & compliance

Department: PWC ACs in India- IFS-Technology

Days and Hours of Work: Full Time Monday- Friday

Reports to: Senior Manager /Director Technology, ACs in India

About technology function for ACs in India: The ACs in India Technology team is responsible for maintaining and managing the entire technology footprint, including enterprise architecture, backbone infrastructure, front-line computing and application development/maintenance. These include critical enterprise technology services, like office network connectivity, internet, messaging, voice, data accessibility, backup, restoration, and data retention, etc. The Technology team ensures all critical IT processes are delivered on time and with quality, Risks are identified and appropriately mitigated.

The QRC function is an enabling function within Technology Function of ACs in India, responsible for driving the Quality Assurance, Risk management and compliance related activities for Technology function for ACs in India.

Job Summary: The Manager Risk & compliance provides support to the QRC Leader and provides expertise and execution, monitoring, reporting, Gap analysis, Internal Audits etc. in Risk management and compliance related activities for Technology function for ACs in India and other ACs as appropriate.

Roles and Responsibilities:

1. QRC Apex Manual: Supports the QRC Leader in the development and maintenance of a Technology wide quality assurance program inclusive of all Technology towers and staff, develops and maintains a QRC Apex Manual and related QRC planning, Implementation, ITSM Dashboarding, ITSM process Quality Assurance, Monitoring and control activities and annual evaluation of the plan’s effectiveness.

2. Technology Governance: Manages the weekly Operations meetings, Actions tracking, MOM and Deck communication to the relevant stakeholders. Ensures electronic storage of QRC and governance reports and communications to promote ongoing access for key Stakeholders and for Audit and compliance requirements.

3. InfoSec Risk Management: Develops and maintains policies and procedures related to the Technology risk management program. Oversees a ACs in India Technology wide risk management program, develops and maintains a written Technology risk management plan, Risk register creation, review and updating as well as maintenance and annual evaluation of the plans’ effectiveness.

4. QMSE Risk management: Represents technology team during the QMSE risk reviews, review of Risk mitigation plans, controls established, and support provided in this initiative. Also maintains the Business processes, Risk controls and Risk mitigations and related artifacts.

5. ERM Risk management: Represents technology team during the ERM risk reviews, review of Risk mitigation plans, controls established, and support provided in this initiative.

6. OFRO Risk management: Represents technology team during the OFRO risk reviews, review of Risk mitigation plans, controls established, and support provided in this initiative.

7. Annual ISP compliance: Oversees a annual ISP compliance program, ensures that all required elements of a compliance program/assessment are addressed. This includes identification of stakeholders, setting up the right expectations, collating the supplied evidence, reviewing the evidence, uploading them in appropriate folders, validation of evidence in Archer and completing the assessment in time. Reporting out any audit findings to the Technology leadership, driving mitigation plans and mitigation actions and getting the findings closed in Archer tool.

8. NIS Roles and responsibilities: Work in the capacity of local Technology SPOC for the NIS role which includes Security assessment and approvals for ID creation for 3rd party; Guidance on containment process for laptop and mobile lost cases and approval to take mobile at the service center for repairing. Approvals to re-enable IDs post containment process completion.; Security review/ Blanco Data Wipe report review and approval for laptops and Mobile Phones handover to vendors; Follow Up and closing of Security Incident (SIT); Coordination and providing support for all internal audits; Vendor laptop entry approval; Quarterly user headcount reconciliation activity; SP compliance Assessment evidence uploading in Archer; Six monthly USB Reconciliation Audit and related actions.

9. Audits & Compliance: Supports the QRC Leader in the as a resource for all external and internal compliance audits including standards certifications Audits, Customer Audits, Internal Audits etc. ensures that corrective action plans are documented in a timely manner and effectively implemented.

10. Security Incident Management: Supports the QRC Leader in the investigations relating to reports of known or suspected violations of the ISP compliance program, ISP policy and related controls. In consultation with the CIO, submits mandatory reports of known or suspected compliance violations to the appropriate internal functions. Helps the internal functions during the information security related incidents, its investigations, containment actions and related reports and auditable evidence.

11. AC Certification Program: Supports the QRC Leader in the Technology function in the Global ACs certification program and support the other global ACs in their journey in various certification programs.

12. Knowledge Management: Supports the QRC Leader in the development and maintenance of up-to-date knowledge of Technology compliance requirements and related Policies and regulations as mandated or recommended by other internal functions, attends outside corporate compliance trainings provided by External QRC specific agencies and/or other agencies as directed by the QRC Leader/Director/CIO.

13. Any other duties: Duties as assigned by the QRC Leader, Director, MD & CIO -Technology in Quality Assurance, Risk management and compliance related activities.

Qualifications:

1. Profession with minimum of 10-year experience in the in-Quality Assurance, Risk management and compliance related activities.

2. Bachelor and/or master’s degree from recognized college/University. (IT and Business fields preferred)

3. Certification standards like ISO27001:2022, ISO9001, Certified Lead Auditor/Implementer, Knowledge of ITSMS, BCMS, ERM, CMMi-SVC, CMMi-DEV, COPC, SOC 1 & 2 etc.

4. Strong knowledge of Quality Assurance, Risk management and compliance related standards, policies, processes and activities which are driven in Technology function for ACs in India

5. Skills in Power Point, Word, Excel. Power BI, Python or any Data analytics/Data intelligence tools knowledge would be added advantage.

6. Experience working in Big4 environment would be an advantage.

Supporting Qualities and Skills:

1. Good Hands-on experience in Quality and Risk management tools along with MS Office.

2. Computer skills and knowledge of applicable software programs/Tools used in the Quality Assurance, Risk management and compliance related activities. 3. Excellent organizational and analytical skills.

4. Ability to develop and implement effective asset management strategies.

5. Strong communication and collaboration skills to work with various stakeholders.

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required:

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Not Specified

Available for Work Visa Sponsorship?

No

Government Clearance Required?

No

Job Posting End Date