Technology Risk Services, Cloud Trust (Cloud & Cyber Security) - Manager/ Senior Manager

Line of Service

Assurance

Industry/Sector

TMT X-Sector

Specialism

Cybersecurity & Privacy

Management Level

Manager

Job Description & Summary

We believe that challenges are better solved together. That's why you'll join a diverse, global community of solvers - an unexpected mix of people that come together to build trust in society and solve important problems. With us, you are encouraged to lead with your heart and values, and where your unique skills are developed and put to work in unexpected and exciting ways, superpowered by technology.

Do you want to grow your professional career as a leader in a dynamic team working at the forefront of Cloud and Cyber Security? We have openings in our rapidly growing Cloud Trust team, which operates across multiple technology and business domains and a range of high-profile clients in this fast-growing market. In this role, you will have an opportunity to lead the growth and development of the team as we build on our position as a market leader. At the same time, you’ll be supported by our senior leadership to develop and enhance your career as a leader in the field of cloud and cyber security.

As a Cloud Trust Manager / Senior Manager, you will be leading teams to advise our clients in managing cyber security risk, technology resilience and compliance across a range of leading cloud services by leveraging a broad range of technical, security, risk, and compliance expertise. You will:

• Be a subject matter expert on cloud and cyber security risks, with significant experience with one or more leading cloud platforms in the IaaS (AWS, Azure, GCP, AliCloud, Huawei Cloud) or SaaS (Office 365, Google Workspace, Salesforce) space.
• Lead discussions with business and technology stakeholders to help develop and refine their cloud strategy in order to streamline their cloud journey and enable a secure, resilient and compliant cloud environment.
• Build trusted client relationships, advise and assist in the selection and tailoring of suitable approaches, controls, methodologies, and tools to drive secure and compliant cloud adoption.
• Work with Partners and/or Directors to identify new business opportunities, drive proposals, prepare and deliver client presentations, and convert opportunities into long-term client engagements.
• Develop sustainable client relationships across industries and sectors such as financial services, technology, telecommunications, and the government/public sector.
• Lead the design, development, and assessment of cloud technology architecture (networks, operating systems, databases, middleware, applications, etc.) and the associated security architecture (e.g., XDR, SIEM, SOAR, Cryptographic solutions, IDAM, etc.).
• Support our clients on their cloud transformation journeys by helping them design and build secure and compliant cloud solutions. You’ll be leveraging various industry standards and frameworks (e.g., CSA CSM, NIST CSF, ISO 27001, CIS), regulatory guidelines (e.g., MAS TRM, OSPAR, MTCS, SOC 2, ABS Cloud Guidelines, etc.), and PwC’s Cloud Trust Framework.
• Advise clients on designing more effective, efficient cloud security operations capabilities across a range of areas such as identity and access management, incident response, cryptographic key management, backup & recovery, third-party risk management, and others.
• Work with clients to develop/enhance their Dev(Sec)Ops capabilities to build scalable, robust, high performing, fault-tolerant, and secure software solutions using CI/CD (Continuous Integration Continuous Delivery) toolsets and automation.
• Advise and/or engineer cloud orchestration and automation in cloud environments using tools such as Terraform, Ansible, and Puppet.
• Lead and mentor your team, including providing on-the-job coaching, knowledge sharing, and being able to draw on subject matter specialist knowledge accordingly.
• Share leading practices amongst the business and technology community, publish whitepapers and thought leadership articles, and participate in industry events.

Requirements and Attributes:

• Experience working in one or more of the following disciplines: cyber security, technology risk management, cloud/IT advisory and implementation, cloud or security software product development, security operations, or IT regulatory compliance. The seniority of the candidate is commensurate with years of relevant experience and skillset.
• Good interpersonal and communication skills, with significant experience in managing complex engagements and stakeholders; business development experience is a plus.
• Demonstrated knowledge and experience working across a diverse range of technology domains (see below)
• Degree and/or Diploma in Computer Science, Computer Engineering, Information Technology and/or a related field from a reputable university or institution.
• Professional certification(s) in one or more areas of cloud, cyber security, technology risk management, IT audit, or architecture such as CISSP, CRISC, CISM, CCSP, CISA, CCSK, CCAK, TOGAF, etc.
• Associate level certification (Professional level preferred) in cloud technologies for one or more cloud (IaaS, PaaS, and SaaS) service providers like AWS, Azure, GCP, AliCloud, or Huawei Cloud.

Technical knowledge and experience:

• It is preferred for candidates to have broad exposure to a range of diverse technology, security concepts, tools, and methodologies, with some specific areas of focus/expertise. These may include:

• Amazon AWS, and services such as EC2, S3, RDS, R53, AWS Direct Connect.
• Microsoft Azure, and services such as VM, SQL DB, Blob Storage, Azure ExpressRoute
• Google Cloud Platform, and services such as GCE, Cloud SQL, Google Cloud Dedicated Interconnect.
• Identity and Access Management (IAM) and Privileged Access Management (PAM)
• Application Security frameworks and standards such as OWASP
• Technology resilience
• Security Operations
• Logging and monitoring, and SIEM suites/associated tools
• Networking (hardware, software, routing, firewalls, VPC, SASE)
• Operating Systems (Windows, UNIX, Linux)
• Containerization (Kubernetes/K8, Docker)
• Application Management such as Elastic Beanstalk, App Engine.
• Database / Data Warehouse such as SQL, NoSQL, Columnar, Graph.
• Encryption and Cryptographic Key-Management
• High Availability architecture, data backup, and recovery
• DevSecOps, CI/CD (Continuous Integration Continuous Deployment), and associated tools such as Terraform, Jenkins, Ansible, Chef, Puppet, Salt stack, etc.
• DevSecOps Automation tools such as Boto3, Lambda, Azure Functions, Google Functions, Python, JSON.
• Knowledge of programming or scripting languages such as Python, Node.js.

Please refer to our website to know more about us, and feel free to reach out to us if you have any questions.

https://www.pwc.com/sg/en/risk-assurance/cloud-trust.html

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required:

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Not Specified

Available for Work Visa Sponsorship?

Yes

Government Clearance Required?

No

Job Posting End Date