Information Security Senior Consultant (GRC)

Job Description & Summary

Cyber security is one of the defining topics of our age, and cyber risk represents one of the most significant strategic risks to PwC’s clients. In a recent PwC survey, it remains the top risk in the minds of CEO’s globally. Businesses are changing rapidly, facing disrupted supply chains, rapidly changing workforces and accelerating digital transformation on an unprecedented scale.

At PwC we help our clients transform, and our cyber security practice enables them to execute that transformation securely and to become more resilient to cyber security threats. Our cyber security practice operates nationally, and serves clients holistically with strategy, risk and governance advice, and with deep technical implementation and assurance expertise.

As one of the largest cyber security specialist consulting practices in the CEE region, we have over 250 practitioners who range from business risk advisors who work with CEOs, CFOs and boards, to transformation specialists who execute major change programmes, to deep technical SMEs who help clients implement controls to secure their businesses from attack, and support them to respond when an attack occurs.

Our team is experiencing significant growth which is driven by demand from our clients for greater assistance in dealing with increasingly complex cyber security risks, and support in executing their change and growth agendas securely.  We believe helping our clients gain confidence in their digital future is essential to their growth, and as a result our cyber security practice is one of the key growth priorities of our firm. 

We are seeking a number of senior consultants to join our Cyber security team to respond to strong demand-led growth.

The Role:

• The cyber security team helps clients to understand their cyber risks and define, architect, and execute a strategy which enables the business to deliver its objectives within their desired risk envelope.   
• We support client leadership teams to define their risk appetite and a proportionate target state of cyber capability and maturity to deliver it;
• We define operating and governance models to make cyber security a sustainable capability which responds to evolving business priorities;
• We architect and deliver complex multi-year transformation programmes both uplifting clients’ cyber security capability, and baking cyber security into other transformation agendas.
• You will also have strong relationship building skills and you’ll be keen to support our practice senior leaders to respond to client needs and win new work.
• You may have worked within a corporate organisation or across multiple industries, or have developed a specialism in a particular sector. Whichever of these describes you, you will be developing a strong track record of credibility as a trusted advisor to business stakeholders on cyber security.

Education Requirements:

• Bachelor's degree in Information Systems or related discipline preferred. 
• CISSP, CISM, CISA, CRISC, CIPP, or equivalent Certification preferred.

Experience Requirements:

• At least 3 - 5 years of information security consulting experience and/or prior work experience with a consulting/auditing firm (Big 4 experience is a plus).
• Demonstrate ability to apply a comprehensive mindset to different compliance initiatives.
• Solid Knowledge/Experience of cybersecurity frameworks or standards like ISO/IEC 27001:2013, PCI DSS, NIST CSF and NIST 800-53.
• Fluent English language proficiency
• Solid experience in testing, evaluating, and documenting controls for compliance.
• Solid understanding of assessing and designing internal controls in an enterprise-level environment.
• Demonstrated characteristics of a forward thinker and self-motivator who thrives on new challenges and adapts to learning new knowledge.
• Strong clear and concise writing, and verbal skills to communicate complex issues in simple terms to key contacts and team members.
• High-level of attention to detail and be a self-starter with ability to work independently, but in a team environment, multi-task and adjust to shifting priorities.
• PC skills and hands-on experience building tools and presentations with MS Office, Project, and Access.

What we offer:

• Company training and excellent opportunities for professional and career growth
• Challenging and interesting projects
• Professional, positive and team-oriented working environment
• Competitive salary and comprehensive employee benefit program
• Central office location

Your skills and experience. Our technology and opportunities. A powerful combination. Be part of the New Equation.

Only short-listed candidates will be contacted.

"PricewaterhouseCoopers Bulgaria EOOD, or PwC Legal Bulgaria Partnership, or PricewaterhouseCoopers Audit OOD, which runs a recruitment process, with its seat and registered address in 9-11 Maria Louisa Blvd., Sofia 1301, Bulgaria („PwC” or “we”) will be the controller of your personal data submitted in your application for a job. Your personal data will be processed for the purpose of performing a recruitment process for the job offered. If you give us explicit consent, your personal data will be also processed for participation in further recruitment processes conducted by PwC and sending notifications about job offers in PwC or job related events organized or with the participation of PwC such as career fair. Full information about processing your personal data is available in our Privacy statement."