IN-Associate _ITGC_Security And Governance_Advisory_Mumbai

Line of Service

Advisory

Industry/Sector

FS X-Sector

Specialism

Risk

Management Level

Associate

Job Description & Summary

A career within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats.

*Why PWC

At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us.

At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. "

Responsibilities: Roles & Responsibilities:

1. Ensure all information security and cyber security policies,
procedures and guidelines are reviewed and updated in timely
manner and exceptions to those are handled appropriately.
2. Assess efficacy of security controls, document and report
control failures and gaps to stakeholders, provide remediation
guidance and prepare management reports to track
remediation activities.
3. Implement security controls, risk assessment framework
and program that aligns to best practices and regulatory
requirements.
4. Develop relevant metrics, analyze data, identify trends and
help drive improvements to the control environment.
5. Ensure key information security risks and issues are
identified, addresses and resolved in a timely manner.
6. Ensure risk acceptances are documented, tracker and
followed up till closures and renewed whenever required.
7. Drive security awareness program across the organization.
Ensure the awareness activities are handled appropriately,
including but not limited to creation of content, help in
designing the content and broadcasting of content to relevant
parties in a timely manner post approvals.
8. Assist in ISO certification maintenance activities and
migration to new standard activities as per organization
requirements.
9. Well versed with well-known security frameworks such as
ISO 27001, ISO 22301, NIST, COBIT etc.
Desired Skills:
- Risk management, cyber security, ISO 27001 lead auditor,
security framework, regulatory requirements, security
controls, project management, business continuity
management, risk assessment, project management,
compliance assessment, excellent documentation skills, strong
communication and presentation skills, strong interpersonal
skills
Qualification
- Graduate – BE/BTech
- Relevant industry certification such as ISO 27001 Lead
Auditor is highly desirable.

Mandatory skill sets: ISO 27001, updating policy, reviewing Policy, ISO
understanding , Risk Assessment , risk Management,
Implement security controls, 

Preferred skill sets: ITGC

Years of experience required: 3-7

Education qualification: B.Tech

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required: Bachelor of Engineering

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Available for Work Visa Sponsorship?

Government Clearance Required?

Job Posting End Date