Third Party Risk Management

Job Description & Summary

A career in Information Security, within Internal Firm Services, will provide you with the opportunity to develop and support our internal security technologies and services across the entire global and local PwC network. You’ll focus on being the forefront of designing, developing, and implementing information technology including hardware, software, and networks that enhances security of internal information and protect our firm’s intellectual assets.

To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.

At PwC, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution.

Job Requirements and Preferences:

• Understanding risk management principles as they are applied in the support of and integration with key business and strategic priorities

• Performing risk assessments and/or audits against a standardized set of information security requirements, including evidence-based controls evaluation

• Conducting findings and remediation identification for issues noted during risk assessments

• Analyzing risk data and generating meaningful reports for stakeholders, highlighting trends and insights

• Executing tasks aligned to Third Party Risk Management with autonomy and in alignment with defined timelines and service targets

• Strong communication skills to effectively engage and collaborate with stakeholders at all levels, translating technical risks into business language

• Balancing business stakeholders and a central technology service organization

• Navigating successfully in a matrix organization

• Ability to manage and lead projects, ensuring timely delivery and alignment with strategic priorities

• A mindset focused on continuous improvement, innovation, and staying current with emerging threats and technologies

• Sensitivity to cultural differences and an understanding of how these might affect risk management practices in a global context

• Proficiency with risk management and GRC tools, such as Archer and ServiceNow.

Apply, if you have:

• 1-3 years of experience of progressive professional roles involving information security and/or risk assessment

• Certifications – preferred Certified Information Systems Auditor (CISA), ISO Lead Auditor, Certified Internal Auditor (CIA), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM)

• IT Audit, ISO, Risk Assessment, Risk Management Third Party Risk Management (TPRM), IT General Controls (ITGCs), Security Assessor, Compliance.