Cyber Security jobs across the world
Copyright 2024 All Rights Reserved by YipCraft
We will contibute 1% of your purchase to remove CO2 from the atmosphere.
Cyber Security jobs across the world
Copyright 2024 All Rights Reserved by YipCraft
We will contibute 1% of your purchase to remove CO2 from the atmosphere.
Line of Service
AdvisoryIndustry/Sector
Not ApplicableSpecialism
Cybersecurity & PrivacyManagement Level
Senior AssociateJob Description & Summary
At PwC, our people in risk and compliance focus on maintaining regulatory compliance and managing risks for clients, providing advice, and solutions. They help organisations navigate complex regulatory landscapes and enhance their internal controls to mitigate risks effectively.Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn’t clear, you ask questions, and you use these moments as opportunities to grow.
Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:
As a Senior Associate, you will be aligned to our Strategy, Risk, & Compliance team which is focused on helping clients with their cybersecurity risk, compliance and governance efforts. You will be working as a part of the Risk & compliance team which is responsible for helping clients and organizations identify risks and create mitigation plans. you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution.
Position Requirements
Security strategy and governance projects (security strategy, operating model, org structure etc.)
Assessments: Maturity assessment, Audit readiness, planning and framework assessment, cloud migration requirements, business case development, comparisons and vendor evaluation
Frameworks: Design framework program objectives, first/second/third line of defense, vision and mission statements, current state assessment and gap analysis, roadmap planning and estimation for the program, program governance and target operating model for NIST, PCI-DSS, HIPAA, HITRUST, ISO, COBIT etc. and vendor evaluation.
Good experience in performing Organization Standard/Policy GAP assessment and Maturity assessments with Industry best practices (NIST/ISO/PCI...etc.).
Policy management (policy writing, policy review, policy lifecycle) projects
Cloud architecture definition and assessment: development of cloud reference architecture, target state cloud architecture definition, compliance requirements, migration strategies.
Must have hands on experience and well proficient in Cybersecurity standard creation, policy writing and maintenance
Good understanding of Legal, Regulatory and Privacy requirements to integrate within the Cybersecurity Program.
Good understanding of various components of an enterprise Cybersecurity program, including governance structures, Risk and Threat Management, key controls, key processes, Security architecture and Security training program
Recommending Cybersecurity action plans for organizations to achieve their overall cybersecurity objective
Good Knowledge and experience with GRC tools such as MetricStream, Open Pages, Archer and data analytics & \visualization tools used in the Industry such as PowerBI, Alteryx and Tableau.
Experience in partnering with various functions within the Cybersecurity organization to capture and document the services and associated core processes, work instructions, and templates.
Analyze the security posture of the organizations by assessing the design and implementation of security controls.
Experience in Vendor risk management, Outsourcing risk management, Technology Risk, Information Security.
Strong understanding of Cybersecurity and Risk Control frameworks and their adoption in the Supplier management domain.
Experience in implementing effective and innovative technology solutions.
Desired Knowledge
Excellent written and oral communication skills, can express thoughts clearly, knows how to listen and is able to contribute in a team environment.
Must communicate consistently and drive objectives, relying on fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance.
Demonstrates proven extensive abilities with leveraging creative thinking and problem-solving skills, individual initiative, and utilizing Office 365, MS Office (Word, Excel, Access, PowerPoint) and Google Docs.
Ability to create domain specific training content and deliver trainings effectively
Good presentation, project management, facilitation and delivery skills as well as strong analytical and problem-solving capabilities.
Develop/implement automation solutions and capabilities that are clearly aligned to client business, technology and threat posture.
Demonstrates ability to track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in client’s security strategy plans and architecture artifacts.
Professional & Educational Background
MCA / BE / B Tech / MS (Field of Study: Computer and Information Science, Information Cybersecurity, Information Technology, Management Information Systems).
Certification(s) Preferred: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC)
Additional Information
Travel Requirements: Not Applicable
Line of Service: Advisory
Industry: Consulting
Must be ready to work on-site full-time (timings will be 2 pm or sooner until 11 pm IST)
Minimum Years of Experience
3 - 8 years
Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required:Degrees/Field of Study preferred:Certifications (if blank, certifications not specified)
Required Skills
Optional Skills
Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Anti-Money Laundering (AML), Coaching and Training, Communication, Compliance Advisement, Compliance Oversight, Compliance Program Implementation, Compliance Risk Assessment, Confidential Information Handling, Contract Review, Contractual Risk Mitigation, Contractual Risk Monitoring, Contract Writing, Creativity, Crisis Management, Data Loss Prevention (DLP), Data Security, Discretion and Business Ethics, Embracing Change, Emotional Regulation, Empathy, Financial Risk Management {+ 32 more}Desired Languages (If blank, desired languages not specified)
Travel Requirements
Not SpecifiedAvailable for Work Visa Sponsorship?
NoGovernment Clearance Required?
NoJob Posting End Date