Risk & Controls (Non US) - ITGC Associate - BLR/KOL/HYD/MUM

Line of Service

Industry/Sector

Specialism

Management Level

Job Description & Summary

To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.

As an Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

• Invite and give in the moment feedback in a constructive manner.

• Share and collaborate effectively with others.

• Identify and make suggestions for improvements when problems and/or opportunities arise.

• Handle, manipulate and analyse data and information responsibly.

• Follow risk management and compliance procedures.

• Keep up-to-date with developments in area of specialism.

• Communicate confidently in a clear, concise and articulate manner - verbally and in the materials I produce.

• Build and maintain an internal and external network.

• Seek opportunities to learn about how PwC works as a global network of firms.

• Uphold the firm's code of ethics and business conduct.

Essential Duties and Responsibilities:

• Deliver security assessments, controls design and testing across multiple industry sectors in the areas of Cyber Governance Risk and Compliance, Third Party Risk Management, Technology Controls Testing, Cloud Governance and Risk based on industry standard frameworks such as ISO 27001, NIST, PCI DSS etc. and regulatory standards (Australian regulation experience preferred but not mandatory)

• Build and maintain strong peer relationships within the team and across the organisation.

• Stay updated on emerging technology risks, trends. Stay informed on industry best practices and regulatory requirements related to technology controls.

• Ensure compliance with engagement plans and internal quality & risk management procedures.

Interpersonal Skills:

• Ability to work under general supervision with latitude for initiative and independent judgment.

• Effective verbal and written communications, including active listening skills.

• Ability to establish and maintain effective working relationships with co-workers and external contactors/auditors.

• Detail-oriented and comfortable working on multiple projects simultaneously.

• Individuals would be expected to cultivate a strong team environment and promote a positive working relationship amongst their team.

Client Management

• Develop strong working relationships with the client and onshore client teams.

• Maintain excellent rapport and proactive communication with the stakeholders and client.

Operational excellence

• Suggest ideas on improving engagement productivity and identify opportunities for improving client service.

People related

• Display teamwork, integrity, and leadership. Work with team members to set goals and responsibilities for specific engagements.

Foster teamwork and innovation.

Minimum Qualifications

• Bachelor’s degree in information technology, computer science, or a related field.

• Candidates with 2-3 years of relevant experience in similar roles, preferably with a “Big 4” or equivalent.

• Experience in cyber security assessments, internal audit, or a related field.

• Experience in technology and cybersecurity controls testing.

• Experience in 1 or more of the following areas is essential:

• Security controls testing

• Security strategy, governance, risk, and compliance

• Security policies, procedures, standards, and controls in line with regulation and/or current standards, ISO27001, NIST, SANS etc.,

• Data privacy and data protection controls

• Cloud technologies and cloud security

• Third party security

• Vulnerability management

• Knowledge of regulations and standards relating to protection of data and cybersecurity (PCI, GDPR, SWIFT, etc.).

• Experience using industry best practice frameworks (e.g., NIST CSF, ISO 27001, CIS, SANS, etc.)

Certification(s) preferred:

• CISA / CISM / CRISC / CISSP / ISO 27001 LA certifications

Education (if blank, degree and/or field of study not specified)

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Available for Work Visa Sponsorship?

Government Clearance Required?

Job Posting End Date