Cybersecurity-Strategy Risk & Compliance-Senior Associate-Bangalore

Bangalore (SDC) - Bagmane Tech Park

Full Time Senior-level / Expert USD 28K - 67K *

PwC

We are a community of solvers combining human ingenuity, experience and technology innovation to help organisations build trust and deliver sustained outcomes.

View all jobs at PwC

Apply now Apply later

Posted 9 hours ago

Line of Service

Advisory

Industry/Sector

Not Applicable

Specialism

Cybersecurity & Privacy

Management Level

Senior Associate

Job Description & Summary

A career in our Cybersecurity, Privacy and Forensics will provide you the opportunity to solve our clients most critical business and data protection related challenges. You will be part of a growing team driving strategic programs, data analytics, innovation, deals, cyber resilency, response, and technical implementation activities. You will have access to not only the top Cybersecurity, Privacy and Forensics professionals at PwC, but at our clients and industry analysts across the globe.

Our Regulatory Compliance team focuses on helping our clients understand their regulatory landscape on a domestic and global scale. You'll work with our clients aligning a number of different cyber, privacy and industry frameworks and requirements to their business. This includes, but is not limited to: NIST CSF, ITIL, HIPAA, PCI, FDA, FERC/NERC, OCC, FFIEC, ABAC, Cyber Executive Orders, etc. Our team designs, implements, and maintains an effective compliance program that helps our clients manage the risks against regulatory compliance obligations, as well as control framework commitments to their Board/stakeholders.

Our team also works with regulatory examiners, investigators, and industry leaders to continue to stay ahead of upcoming regulatory changes or enforcements. We help inform our clients on controls or requirements that require enhancements, and help with the compliance change management components driving new technical and business requirements out to their end users. You will be part of a team that not only assesses organizational compliance, but helps clients to strategically think through the best way to manage in a cost-effective, yet defensible manner.

To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be an authentic and inclusive leader, at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.

As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

Use feedback and reflection to develop self awareness, personal strengths and address development areas.
Delegate to others to provide stretch opportunities and coach to help deliver results.
Develop new ideas and propose innovative solutions to problems.
Use a broad range of tools and techniques to extract insights from from current trends in business area.
Review your work and that of others for quality, accuracy and relevance.
Share relevant thought leadership.
Use straightforward communication, in a structured way, when influencing others.
Able to read situations and modify behavior to build quality, diverse relationships.
Uphold the firm's code of ethics and business conduct.

Cybersecurity & Privacy, Strategy, Transformation & Risk, Senior Associate

Meaningful work you’ll be part of

As a Senior Associate, you’ll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. Responsibilities include but are not limited to::

As an Senior Associate, you will be aligned to our Strategy, Risk & Compliance team which is focused on helping clients with their cybersecurity risk, compliance and governance efforts. You will be working as a part of the SRC-Security Architecture team which is responsible for helping clients and organizations to plan, research, design and implement security architecture and identify risks and create mitigation plans. You will work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution.

Years of Experience

4 to 8 Years

Position Requirements

Perform Security Architecture Risk Assessments for third party clients or vendors.
Review security control questionnaires, and Architecture diagrams to identify risks and document findings
Deep understanding of Network and Application Infrastructure,Web-based applications, Desktop applications and Back- end Applications Security testing, API’s
Responsible for managing relationships with third parties that provide for the Continuous Monitoring program,including closing findings, completing assessments, and attesting that ongoing management activitie
Position Requirements
Perform Security Architecture Risk Assessments for third party clients or vendors.
Review security control questionnaires, and Architecture diagrams to identify risks and document findings
Desired Skills
Excellent communication skills and executive presence that enable effective engagement with senior stakeholders.
Excellent written skills, and the ability to interpret and articulate security scenarios and recommendations to senior management.
Demonstrate proven extensive abilities along with leveraging creative thinking and problem-solving skills, individual initiatives, and utilizing Office 365, MS Office (Word, Excel, Access, PowerPoint) and Google Docs.
Ability to create domain specific training content and deliver training effectively.
Communicating in an organized and knowledgeable manner in written and verbal formats that include delivering clear requests for information and handling potential conflicts.
Must communicate consistently and drive objectives, relying on fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance.
Good presentation, project management, facilitation and delivery skills as well as strong analytical and problem-solving capabilities.
Develop/Implement automation solutions and capabilities that are clearly aligned to client business, technology and threat posture.
Demonstrate the ability to track developments and changes in the digital business and threat environments to ensure that these are adequately addressed in client’s security strategy plans and architecture artifacts.
Have a strong grasp on complex risk management and assessment theories and practices, as well as intricate cybersecurity laws and guidelines.
Familiarity with organizational policies, government regulations, and information technology ethics.
Be a team player and work closely with fellow IT professionals in planning, employing, and monitoring security solutions.
Demonstrate creativity and innovative thinking, and adapt to trying new techniques and employing the latest technologies.
Deep understanding of Network and Application Infrastructure,Web-based applications, Desktop applications and Back- end Applications Security testing, API’s
Responsible for managing relationships with third parties that provide for the Continuous Monitoring program,including closing findings, completing assessments, and attesting that ongoing management activities are conducted.
Identification of issues, risks, opportunities and improvement of policies, processes, procedures and standards.
Raising risk findings with stakeholders and recording it per standardized requirements. Should be able to communicate key risk findings effectively.
Monitoring and maintaining Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) for appropriate escalation to stakeholders and Conducting training.
Good understanding of compliance standards/frameworks like ISO 27001/27002, NIST, COBIT, SOX, GLBA, SSAE16/SOC 2, etc. will be an advantage.
Excellent written and oral communication skills, can express thoughts clearly, knows how to listen and is able to contribute in a team environment.

Desired Skills

Excellent communication skills and executive presence that enable effective engagement with senior stakeholders.
Excellent written skills, and the ability to interpret and articulate security scenarios and recommendations to senior management.
Demonstrate proven extensive abilities along with leveraging creative thinking and problem-solving skills, individual initiatives, and utilizing Office 365, MS Office (Word, Excel, Access, PowerPoint) and Google Docs.
Ability to create domain specific training content and deliver training effectively.
Communicating in an organized and knowledgeable manner in written and verbal formats that include delivering clear requests for information and handling potential conflicts.
Must communicate consistently and drive objectives, relying on fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance.
Good presentation, project management, facilitation and delivery skills as well as strong analytical and problem-solving capabilities.
Develop/Implement automation solutions and capabilities that are clearly aligned to client business, technology and threat posture.
Demonstrate the ability to track developments and changes in the digital business and threat environments to ensure that these are adequately addressed in client’s security strategy plans and architecture artifacts.
Have a strong grasp on complex risk management and assessment theories and practices, as well as intricate cybersecurity laws and guidelines.
Familiarity with organizational policies, government regulations, and information technology ethics.
Be a team player and work closely with fellow IT professionals in planning, employing, and monitoring security solutions.
Demonstrate creativity and innovative thinking, and adapt to trying new techniques and employing the latest technologies.