SRC - Cyber, Risk and Control - Manager

Line of Service

Advisory

Industry/Sector

Not Applicable

Specialism

Cybersecurity & Privacy

Management Level

Senior Associate

Job Description & Summary

At PwC, our people in risk and compliance focus on maintaining regulatory compliance and managing risks for clients, providing advice, and solutions. They help organisations navigate complex regulatory landscapes and enhance their internal controls to mitigate risks effectively.

As a risk management generalist at PwC, you will provide advisory and practical support to teams across a wide range of specialist risk and compliance areas.

Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn’t clear, you ask questions, and you use these moments as opportunities to grow.

Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:

• Respond effectively to the diverse perspectives, needs, and feelings of others.
• Use a broad range of tools, methodologies and techniques to generate new ideas and solve problems.
• Use critical thinking to break down complex concepts.
• Understand the broader objectives of your project or role and how your work fits into the overall strategy.
• Develop a deeper understanding of the business context and how it is changing.
• Use reflection to develop self awareness, enhance strengths and address development areas.
• Interpret data to inform insights and recommendations.
• Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements.

Candidates require experience and knowledge in the following key areas:

● Cybersecurity Risk identification and security control integration as part of Cloud transformation and enterprise infrastructure

● Cloud security principles, cloud governance and cloud computing concepts in context of cloud infrastructure and/or cloud applications. Required previous experience includes cloud security audits/reviews, and assessments and/or design of cloud infrastructure. Experience with cloud solutions such as MS Azure or AWS Cloud is preferred.

● Experience of performing assessment using NIST CSF, ISO 27xxx, NIST 800-53. Implementation and/or assurance experience with IT governance frameworks (e.g. COBIT, NIST, ISO)

● Experience based knowledge of commonly used operating systems, security devices and their hardened configuration with operational knowledge of Identity and Access management using AD/Azure AD

● Experience in researching attempted breaches of data security, rectifying security weaknesses and vulnerability reviews.

● Knowledge of data protection regulations and security standards/frameworks

● Hands-on skills in WAF, DLP, Security Certificate Management, EDR, DNS Filtering, Identity & Access Management and Spam Filtering.

● Experience of having worked on implementation or assessment of the Information Security Management System of world class enterprises.

● Candidates require strong leadership skills working in dynamic and cross-functional teams for large-scale and multi-national engagements with excellent communication skills.

● Provide high performance (e.g. clear vision/objectives/purpose, open communication, promoting flexibility, collaboration and accountability) to deliver high quality to clients and a rewarding experience to staff

● Demonstrable ability to assist in management of multiple client projects simultaneously

● Technical designations such as CISSP, CISA, CRISC, CEH, CGEIT, PCI QSA, CIPP / C, TOGAF, or CISM.

● Education in the domain of Information Security, Computer Science, Engineering, Cybersecurity

● Experience in working in a consulting environment would be an asset.

● A demonstrated commitment to valuing differences and working alongside diverse people and perspective

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required:

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Anti-Money Laundering (AML), Coaching and Training, Communication, Compliance Advisement, Compliance Oversight, Compliance Program Implementation, Compliance Risk Assessment, Confidential Information Handling, Contract Review, Contractual Risk Mitigation, Contractual Risk Monitoring, Contract Writing, Creativity, Crisis Management, Data Loss Prevention (DLP), Data Security, Discretion and Business Ethics, Embracing Change, Emotional Regulation, Empathy, Financial Risk Management {+ 32 more}

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Not Specified

Available for Work Visa Sponsorship?

No

Government Clearance Required?

No

Job Posting End Date