Cybersecurity-Strategy Risk & Compliance-Senior Associate-Bangalore

2 Weeks ago • 4-8 Years

About the job

SummaryBy Outscal

Cybersecurity Strategy Risk & Compliance Senior Associate role requires 4-8 years experience. Must-have skills include Security Architecture Risk Assessments, Network & Application Infrastructure knowledge, and compliance frameworks like ISO 27001. Strong communication and problem-solving skills are essential.

Line of Service

Advisory

Industry/Sector

Not Applicable

Specialism

Cybersecurity & Privacy

Management Level

Senior Associate

Job Description & Summary

A career in our Cybersecurity, Privacy and Forensics will provide you the opportunity to solve our clients most critical business and data protection related challenges. You will be part of a growing team driving strategic programs, data analytics, innovation, deals, cyber resilency, response, and technical implementation activities. You will have access to not only the top Cybersecurity, Privacy and Forensics professionals at PwC, but at our clients and industry analysts across the globe.

Our Regulatory Compliance team focuses on helping our clients understand their regulatory landscape on a domestic and global scale. You'll work with our clients aligning a number of different cyber, privacy and industry frameworks and requirements to their business. This includes, but is not limited to: NIST CSF, ITIL, HIPAA, PCI, FDA, FERC/NERC, OCC, FFIEC, ABAC, Cyber Executive Orders, etc. Our team designs, implements, and maintains an effective compliance program that helps our clients manage the risks against regulatory compliance obligations, as well as control framework commitments to their Board/stakeholders.

Our team also works with regulatory examiners, investigators, and industry leaders to continue to stay ahead of upcoming regulatory changes or enforcements. We help inform our clients on controls or requirements that require enhancements, and help with the compliance change management components driving new technical and business requirements out to their end users. You will be part of a team that not only assesses organizational compliance, but helps clients to strategically think through the best way to manage in a cost-effective, yet defensible manner.

To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be an authentic and inclusive leader, at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.

As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

  • Use feedback and reflection to develop self awareness, personal strengths and address development areas.
  • Delegate to others to provide stretch opportunities and coach to help deliver results.
  • Develop new ideas and propose innovative solutions to problems.
  • Use a broad range of tools and techniques to extract insights from from current trends in business area.
  • Review your work and that of others for quality, accuracy and relevance.
  • Share relevant thought leadership.
  • Use straightforward communication, in a structured way, when influencing others.
  • Able to read situations and modify behavior to build quality, diverse relationships.
  • Uphold the firm's code of ethics and business conduct.

Cybersecurity & Privacy, Strategy, Transformation & Risk, Senior Associate

Meaningful work you’ll be part of

As a Senior Associate, you’ll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. Responsibilities include but are not limited to::

As an Senior Associate, you will be aligned to our Strategy, Risk & Compliance team which is focused on helping clients with their cybersecurity risk, compliance and governance efforts. You will be working as a part of the SRC-Security Architecture team which is responsible for helping clients and organizations to plan, research, design and implement security architecture and identify risks and create mitigation plans. You will work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution.

 Years of Experience 

  • 4 to 8 Years

Position Requirements

  • Perform Security Architecture Risk Assessments for third party clients or vendors.

  • Review security control questionnaires, and Architecture diagrams to identify risks and document findings

  • Deep understanding of Network and Application Infrastructure,Web-based applications, Desktop applications and Back- end Applications Security testing, API’s

  • Responsible for managing relationships with third parties that provide for the Continuous Monitoring program,including closing findings, completing assessments, and attesting that ongoing management activitie

  • Position Requirements

  • Perform Security Architecture Risk Assessments for third party clients or vendors.

  • Review security control questionnaires, and Architecture diagrams to identify risks and document findings

  • Desired Skills 

  • Excellent communication skills and executive presence that enable effective engagement with senior stakeholders.

  • Excellent written skills, and the ability to interpret and articulate security scenarios and recommendations to senior management.

  • Demonstrate proven extensive abilities along with leveraging creative thinking and problem-solving skills, individual initiatives, and utilizing Office 365, MS Office (Word, Excel, Access, PowerPoint) and Google Docs.

  • Ability to create domain specific training content and deliver training effectively.

  • Communicating in an organized and knowledgeable manner in written and verbal formats that include delivering clear requests for information and handling potential conflicts.

  • Must communicate consistently and drive objectives, relying on fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance.

  • Good presentation, project management, facilitation and delivery skills as well as strong analytical and problem-solving capabilities.

  • Develop/Implement automation solutions and capabilities that are clearly aligned to client business, technology and threat posture.

  • Demonstrate the  ability to track developments and changes in the digital business and threat environments to ensure that these are adequately addressed in client’s security strategy plans and architecture artifacts. 

  • Have a strong grasp on complex risk management and assessment theories and practices, as well as intricate cybersecurity laws and guidelines.

  • Familiarity with organizational policies, government regulations, and information technology ethics.

  • Be a team player and work closely with fellow IT professionals in planning, employing, and monitoring security solutions.

  • Demonstrate creativity and innovative thinking, and adapt to trying new techniques and employing the latest technologies.

  • Deep understanding of Network and Application Infrastructure,Web-based applications, Desktop applications and Back- end Applications Security testing, API’s

  • Responsible for managing relationships with third parties that provide for the Continuous Monitoring program,including closing findings, completing assessments, and attesting that ongoing management activities are conducted.

  • Identification of issues, risks, opportunities and improvement of policies, processes, procedures and standards.

  • Raising risk findings with stakeholders and recording it per standardized requirements. Should be able to communicate key risk findings effectively.

  • Monitoring and maintaining Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) for appropriate escalation to stakeholders and Conducting training.

  • Good understanding of compliance standards/frameworks like ISO 27001/27002, NIST, COBIT, SOX, GLBA, SSAE16/SOC 2, etc. will be an advantage.

  • Excellent written and oral communication skills, can express thoughts clearly, knows how to listen and is able to contribute in a team environment.

Desired Skills 

  • Excellent communication skills and executive presence that enable effective engagement with senior stakeholders.

  • Excellent written skills, and the ability to interpret and articulate security scenarios and recommendations to senior management.

  • Demonstrate proven extensive abilities along with leveraging creative thinking and problem-solving skills, individual initiatives, and utilizing Office 365, MS Office (Word, Excel, Access, PowerPoint) and Google Docs.

  • Ability to create domain specific training content and deliver training effectively.

  • Communicating in an organized and knowledgeable manner in written and verbal formats that include delivering clear requests for information and handling potential conflicts.

  • Must communicate consistently and drive objectives, relying on fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance.

  • Good presentation, project management, facilitation and delivery skills as well as strong analytical and problem-solving capabilities.

  • Develop/Implement automation solutions and capabilities that are clearly aligned to client business, technology and threat posture.

  • Demonstrate the  ability to track developments and changes in the digital business and threat environments to ensure that these are adequately addressed in client’s security strategy plans and architecture artifacts. 

  • Have a strong grasp on complex risk management and assessment theories and practices, as well as intricate cybersecurity laws and guidelines.

  • Familiarity with organizational policies, government regulations, and information technology ethics.

  • Be a team player and work closely with fellow IT professionals in planning, employing, and monitoring security solutions.

  • Demonstrate creativity and innovative thinking, and adapt to trying new techniques and employing the latest technologies.

Professional and Educational Background 

  • Bachelor’s or Master’s Degree from reputed Indian Universities.

Additional Information

Travel Requirements: Travel to client locations may be required as per project requirements.

  • Line of Service: Advisory
  • Industry: Consulting

Location: Bangalore      

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required:

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Desired Languages (If blank, desired languages not specified)

Travel Requirements

0%

Available for Work Visa Sponsorship?

No

Government Clearance Required?

No

Job Posting End Date

About The Company

At PwC, our purpose is to build trust in society and solve important problems. We’re a network of firms in 152 countries with over 327,000 people who are committed to delivering quality in assurance, advisory and tax services. Find out more and tell us what matters to you by visiting us at www.pwc.com. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity.


Content on this page has been prepared for general information only and is not intended to be relied upon as accounting, tax or professional advice. Please reach out to your advisors for specific advice.

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug