Global Application Security Risk Manager

Line of Service

Internal Firm Services

Industry/Sector

Not Applicable

Specialism

IFS - Internal Firm Services - Other

Management Level

Manager

Job Description & Summary

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.

Those in information security at PwC will focus on protecting sensitive data and systems from cyber threats through risk assessments, security audits, and implementing robust security measures. Your work will help enable the confidentiality, integrity, and availability of information assets for clients.

Risk Managers ensure that risk assessment outcomes are effectively communicated to application team members. They support ideation activities, facilitate meetings, and gather information from various teams. In addition to their managerial duties, Risk Managers also take on the responsibilities of Risk Reviewers. This includes reviewing tickets for inconsistencies, managing ERV calls, and collaborating with Risk Reviewers to define the ticket review approach. They maintain a dashboard of ticket statuses, report on ticket status and metrics, and act on pending items in a timely manner. Risk Managers assist in creating issues and mitigation plans, track ticket progress, and manage interactions with other NIS teams. They are responsible for presenting problems as opportunities and knowing when to escalate issues to senior management.

Meaningful work you’ll be part of  

 

As a Global Application Security Risk Manager, you’ll work as part of a team of problem solvers, helping to solve business issues, deliver high quality client service and operational efficiency. Responsibilities include but are not limited to: 

• Review tickets for inconsistencies, talking points, in advance of ERV calls/Initial conversation with customers  

• Validate ticket, associated tasks and SDD information and manage and run ERV calls  

• Work with Risk Reviewer to understand questionable items and define approach to ticket review 

• Review previous tickets, including upstream and downstream relationships and for other firms and their results in relationship to other tickets– discuss inconsistencies with the Risk Reviewer 

• Maintain a dashboard of your ticket status' and be ready to report on status of any ticket and general metrics upon request and review and action pending items/responses in a timely manner 

• Participate in team calls and ideation exercises and be able to communicate with seniors and stakeholders  

• Review related CRS and SRT tasks and manage calls upon request or when the Customer does not understand the record documentation 

• Assist with creation of Issues and/or Mitigation Plans for Issues 

• Track progress of the ticket through the Issue Mgmt. Stage and manage interactions with ancillary NIS teams: Global Workspace; m365; Third Party Risk Mgmt.; Splunk; Business Continuity; Mobile Application Mgmt.; BISO/CISO teams  

 

 

Experiences and skills you’ll use to solve

• Customer service skills to create an exceptional customer experience 

• Strong organizational and time management skills to support multiple concurrent reviews  

• Self- Awareness and a quick learner (ability to integrate training and coaching received into action) 

• Knowledge of the Information Security Policy, Application Readiness Standard, & Applicable Supporting Standards 

• Understand the purpose of Application Readiness process and ability to interact with customers, and ensure customers understand what actions they need to take  

• Ability to assess whether a control is 'met' or 'not met' (black and white) 

• Ability to review documentation analytically and assess control compliance based on information/ documentation provided 

• Ability to evaluate complex data and determine whether data can be used to support the reviews being conducted  

• Ability to pull facts and details related to controls from different types of documentation and diagrams submitted 

• Interface with customers to ask clarifying questions, prompt for responses to open items, provide guidance on next steps, schedule meetings 

• Interface with AR Risk Manager(s) and AppSec Architects to provide status, raise flags/ concerns related to IT Security Risk 

• Document work in the SNOW AR Ticket 

• Strong communication, organizational skills, problem-solving skills, strategic thinking  

• Ability to manage multiple projects and teams 

• Knowledge of information security policies and application readiness standards Desire 

• Nice to have certifications CISSP / CISM /CISA / CCSK / CCSP / CRISC 

Why you’ll love PwC 

We’re inspiring and empowering our people to change the world. Powered by the latest technology, you’ll be a part of diverse teams helping public and private clients build trust and deliver sustained outcomes. This meaningful work, and our continuous development environment, will take your career to the next level. We reward your impact, and support your wellbeing, through a competitive compensation package, inclusive benefits and flexibility programs that will help you thrive in work and life. Learn more about our Application Process and Total Rewards Package at: https://jobs-ca.pwc.com/ca/en/life-at-pwc 

PwC Canada acknowledges that we work and live across Turtle Island, on the land that is now known as Canada, which are the lands of the ancestral, treaty and unceded territories of the First Nations, Métis and Inuit Peoples. We recognize the systemic racism, colonialism and oppression that Indigenous Peoples have experienced and still go through, and we commit to allyship and solidarity. 

 

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required:

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Azure Data Factory, Coaching and Feedback, Communication, Creativity, Cybersecurity, Cybersecurity Governance, Data Architecture, Data Archiving, Data Flow Mapping, Data Privacy Act, Embracing Change, Emotional Regulation, Empathy, Enterprise Content Management, Incident Response Plan, Inclusion, Information Rights Management (IRM), Information Security, Information Security Governance, Information Security Management System (ISMS), Intellectual Curiosity {+ 16 more}

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Not Specified

Available for Work Visa Sponsorship?

No

Government Clearance Required?

No

Job Posting End Date

At PwC Canada, our most valuable asset is our people and we grow stronger as we learn from one another. We’re committed to creating an equitable and inclusive community of solvers where everyone feels that they truly belong. We understand that experience comes in many forms and building trust in society and solving important problems is only possible if we reflect the mosaic of the society we live in.

We’re committed to providing accommodations throughout the application, interview, and employment process. If you require an accommodation to be at your best, please let us know during the application process.

To learn more about inclusion and diversity at PwC Canada: https://www.pwc.com/ca/en/about-us/diversity-inclusion.html. Be a part of The New Equation.

Chez PwC Canada, notre atout le plus précieux, c’est notre personnel. Et c’est en apprenant les uns des autres que nous devenons plus forts. Nous avons à cœur de créer une communauté équitable et inclusive de professionnels de la résolution de problèmes, dans laquelle chacun se sent vraiment à sa place. Nous savons que l’expérience peut prendre diverses formes et, pour nous, donner confiance au public et résoudre des problèmes importants n’est possible que si notre milieu de travail reflète la diversité de la société dans laquelle nous vivons.

Nous tenons à répondre à vos besoins tout au long du processus de demande d’emploi, d’entrevue et d’embauche. Si vous avez besoin de mesures d’adaptation pour être parfaitement à l’aise, faites-le-nous savoir à l’étape de la demande d’emploi.

Pour en savoir plus sur l’inclusion et la diversité chez PwC Canada: https://www.pwc.com/ca/fr/about-us/diversity-inclusion.html. Faites partie de La Nouvelle équation.