Cyber R&R SRC - TPRM- Associate - KOL/BLR/
Kolkata (AC) - Bangalore Quay - Bagmane Tech Park (KSDC)
PwC
We are a community of solvers combining human ingenuity, experience and technology innovation to help organisations build trust and deliver sustained outcomes.Line of Service
AdvisoryIndustry/Sector
Not ApplicableSpecialism
Cybersecurity & PrivacyManagement Level
AssociateJob Description & Summary
A career in our Cybersecurity, Privacy and Forensics will provide you the opportunity to solve our clients most critical business and data protection related challenges. You will be part of a growing team driving strategic programs, data analytics, innovation, deals, cyber resilency, response, and technical implementation activities. You will have access to not only the top Cybersecurity, Privacy and Forensics professionals at PwC, but at our clients and industry analysts across the globe.Our Third Party Risk Management (TPRM) team focuses on helping our clients assess, design, implement, and maintain an effective third party risk program.This is inclusive of pre and post contract stages for our clients - helping them evaluate the controls required pre-contracting with a vendor, contractor, or supplier, as well as post-contract from an ongoing monitoring perspective. Our TPRM team focuses on designing programs, operationalizing those programs, change management across all risk domains of a third party program and assessments (ongoing monitoring efforts). You will work with third parties all across the globe that support the operations of our clients to ensure adequate control environments are in place and help provide our clients comfort that both reasonable and defensible controls are in place. As more companies continue to outsource and move to cloud transformation, the demand for TPRM has quickly grown. You will help our clients transform their business, build trust amongst their ecosystem, manage risk effectively, and drive accountability and control with their third party connections.
Our team helps organisations develop TPRM business plans, cost-benefit analyses, target operating models, short/long-term strategies, and ultimately improve the effectiveness of their TPRM programs. In joining our team, you will work with xLoS professionals at PwC across all third party risk domains, including, but not limited to cybersecurity, privacy, human resources, legal, technology, financial, fraud, regulatory, and industry specific business risks. You will help organizations with strategy, design, operation and long-term maintenance of their TPRM programs.
To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be an authentic and inclusive leader, at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.
As an Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:
- Invite and provide evidence-based feedback in a timely and constructive manner.
- Share and collaborate effectively with others.
- Work with existing processes/systems whilst making constructive suggestions for improvements.
- Validate data and analysis for accuracy and relevance.
- Follow risk management and compliance procedures.
- Keep up-to-date with technical developments for business area.
- Communicate confidently in a clear, concise and articulate manner - verbally and in written form.
- Seek opportunities to learn about other cultures and other parts of the business across the Network of PwC firms.
- Uphold the firm's code of ethics and business conduct
▪ Position reports to the Manager
▪ Individual would be responsible for contributing to a strong team environment and promoting a positive working relationship with their colleagues.
▪ Individual would predominately work with off-shore engagement teams and relevant PwC Territory teams. Communication, written and verbal, with these teams would be expected. This communication would include emphasizing the capabilities within the SDC to provide high quality deliverables to support the PwC Global Offices.
Job Description
Main purpose of the job and key background information
▪ Team members will assist territory engagement teams in performing vendor assessment and managed services in accordance with territorial reporting guidelines. Team members would be expected to perform activities that will include:
- Preparation of vendor assessment reports which will include an analysis of the business profiling questionnaire and due diligence questionnaire of the vendor, review supporting documentation, performing a research on the operations and other relevant information about the vendor/supplier.
- Assessment of compliance of vendors against set standards/controls, SOC and PCI reports etc.
- Communicate with the clients and vendors and get
clarification
- Assist in the administrative requirements of the team
▪ Team members would be required to apply learning from trainings and on the job experience to work requests and support continuous process improvement.
▪ Team members would be required to handle multiple tasks at the same time. Detailed focus when performing work and good project management skills when managing workload and maintaining timelines will be necessary.
Requirements
These should include essential & desirable requirements such as: ∙ Level of experience
∙ Education/qualifications ∙ Industry experience
∙ Technical capability
∙ Sales/BD capability
∙ Metrics
∙ Key personal attributes ∙ Consulting experience
Minimum Degree(s):
▪ Bachelors/Masters in Information Security
▪ Certifications (ISO 27001/ ISO 31000/ CISA/ CISSP/ CSX ▪ Other relevant qualification/certification
Knowledge Required:
▪ Strong knowledge of information security concepts, risk and controls concepts
▪ Sound knowledge on IT controls (especially IT risks)
▪ Sound knowledge of Internal Controls and Compliance ▪ Good knowledge on Privacy, Governance and reporting
Skills Required:
▪ Experience with the Microsoft Office suite of products (i.e. Word, Excel, PowerPoint, Visio, etc.),
▪ Candidates should have strong verbal and written communication skills ▪ Knowledge / experience in fields of Vendor Risk Assessments, Internal Audit, External Audit / Statutory Audit projects ▪ Candidates should exhibit good client service skill collaterals with a strong focus on building relationships.
Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required:Degrees/Field of Study preferred:Certifications (if blank, certifications not specified)
Required Skills
Optional Skills
Accepting Feedback, Accepting Feedback, Active Listening, Anti-Money Laundering (AML), Coaching and Training, Communication, Compliance Advisement, Compliance Oversight, Compliance Program Implementation, Compliance Risk Assessment, Confidential Information Handling, Contract Review, Contractual Risk Mitigation, Contractual Risk Monitoring, Contract Writing, Crisis Management, Data Loss Prevention (DLP), Data Security, Discretion and Business Ethics, Emotional Regulation, Empathy, Financial Risk Management, Governance Framework, Inclusion, Intellectual Curiosity {+ 27 more}Desired Languages (If blank, desired languages not specified)
Travel Requirements
Not SpecifiedAvailable for Work Visa Sponsorship?
NoGovernment Clearance Required?
NoJob Posting End Date
December 31, 2024* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Analytics CISA CISSP Clearance Clearance Required Cloud Compliance Data Analytics Forensics Governance ISO 27001 Monitoring Privacy Risk assessment Risk management SOC Strategy
Perks/benefits: Career development Team events Transparency
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.