Cyber Risk & Controls - Senior Associate Cyber Controls (ITGC) - BLR/KOL/HYD/MUM

Line of Service

Advisory

Industry/Sector

Not Applicable

Specialism

Business Controls

Management Level

Senior Associate

Job Description & Summary

A career within Internal Audit services, will provide you with an opportunity to gain an understanding of an organisation’s objectives, regulatory and risk management environment, and the diverse needs of their critical stakeholders. We focus on helping organisations look deeper and see further considering areas like culture and behaviours to help improve and embed controls. In short, we seek to address the right risks and ultimately add value to their organisation.

To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.

As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

• Invite and give in the moment feedback in a constructive manner.

• Share and collaborate effectively with others.

• Identify and make suggestions for improvements when problems and/or opportunities arise.

• Handle, manipulate and analyse data and information responsibly.

• Follow risk management and compliance procedures.

• Keep up-to-date with developments in area of specialism.

• Communicate confidently in a clear, concise and articulate manner - verbally and in the materials I produce.

• Build and maintain an internal and external network.

• Seek opportunities to learn about how PwC works as a global network of firms.

• Uphold the firm's code of ethics and business conduct.

Essential Duties and Responsibilities:

• Deliver technology focused internal audit reviews within the financial service sector in the areas of cyber, cloud computing, IT governance, risk and compliance, ISO 27000, NIST and PCI DSS etc.

• Review test findings, facilitate the remediation of IT control gaps, and escalate possible critical issues to senior management within the team.

• Build and maintain strong peer relationships within the team and across the organisation.

• Stay updated on emerging technology risks, trends. Stay informed on industry best practices and regulatory requirements related to technology controls.

• Ensure compliance with engagement plans and internal quality & risk management procedures.

Interpersonal Skills:

• Ability to work under general supervision with latitude for initiative and independent judgment.

• Effective verbal and written communications, including active listening skills.

• Ability to establish and maintain effective working relationships with co-workers and external contactors/auditors

• Detail-oriented and comfortable working on multiple projects simultaneously.

• Individuals would be expected to cultivate a strong team environment and promote a positive working relationship amongst their team.

• Build and maintain client relationships by understanding and being responsive to client needs and ensuring high quality of deliverables.

• Demonstrate strong analytical thinking and communication skills including the ability to research and understand complex processes and effectively communicate them to interested parties

Client Management

• Develop strong working relationships with the client and onshore client teams.

• Maintain excellent rapport and proactive communication with the stakeholders and client.

Operational excellence

• Suggest ideas on improving engagement productivity and identify opportunities for improving client service.

People related

• Display teamwork, integrity, and leadership. Work with team members to set goals and responsibilities for specific engagements.

• Foster teamwork and innovation.

• Utilize technology & tools to continually learn and innovate, share knowledge with team members and enhance service delivery.

Minimum Qualifications

• Bachelor's degree in information technology, computer science, or a related field.

• Candidates with 3-5 years of relevant experience in similar roles, preferably with a “Big 4” or equivalent.

• Experience in internal audit, external audit, or a related field.

• Experience in technology and cybersecurity controls testing.

• Experience in 1 or more of the following areas is essential:

• IT general controls testing,

• Security strategy, governance, risk and compliance,

• Security policies, procedures, standards and controls in line with regulation and/or current standards, ISO27001, NIST, SANS etc.,

• Data privacy and data protection controls,

• Cloud technologies and cloud security,

• Third party security,

• Vulnerability management

• Knowledge of regulations and standards relating to protection of data and cybersecurity (PCI, GDPR, SWIFT, etc.).

• Experience using industry best practice frameworks (e.g. NIST CSF, ISO 27001, CIS, SANS, etc.)

Certification(s) preferred:

• CISA / CISM / CRISC / CISSP / ISO 27001 LA certifications

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required:

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Not Specified

Available for Work Visa Sponsorship?

No

Government Clearance Required?

Yes

Job Posting End Date

November 30, 2024