Line of Service
AdvisoryIndustry/Sector
Not ApplicableSpecialism
Cybersecurity & PrivacyManagement Level
Senior AssociateJob Description & Summary
At PwC, our people in risk and compliance focus on maintaining regulatory compliance and managing risks for clients, providing advice, and solutions. They help organisations navigate complex regulatory landscapes and enhance their internal controls to mitigate risks effectively.Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn’t clear, you ask questions, and you use these moments as opportunities to grow.
Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:
Overview
The Cyber Resilience Senior Associate will be responsible for developing and implementing cyber resilience strategies and programs, ensuring the resilience and continuity of IT systems. The ideal candidate should have a strong understanding of cyber resilience practices and standards, possess excellent communication and organizational skills, and be able to work independently as well as part of a team.
Key Responsibilities
Create and enforce comprehensive business continuity and cyber resilience strategies to ensure clients' operations can withstand and quickly recover from disruptions.
Conduct thorough risk assessments and develop risk treatment plans to identify and manage vulnerabilities and potential threats to business operations and cyber resilience.
Provide expert advice to clients on business continuity and cyber resilience, including policy development, risk assessments, and compliance strategies.
Design and document IT Disaster Recovery (ITDR) policies and procedures, including Application Sensitivity Assessments (ASA) and Failure Mode and Effects Analysis (FMEA).
Develop and implement Business Continuity and Disaster Recovery (BCDR) plans, Information Security Management Systems (ISMS), and enterprise risk management frameworks.
Develop and execute incident response plans, ensuring rapid and effective recovery from cyber incidents and other disruptions.
Develop and execute disaster recovery plans and runbooks and facilitate tabletop simulation exercises focusing on natural disasters and cyber threats.
Manage all phases of disaster recovery testing initiatives, including planning, coordination, execution, and post-drill activities.
Implement and oversee compliance monitoring, auditing, and remediation activities to ensure adherence to relevant regulations and best practices.
Develop and deliver training programs for clients and internal teams to promote awareness and preparedness for business continuity and cyber resilience.
Provide advisory services on the selection and implementation of Business Continuity Management (BCM) tools and the automation of BCMS processes.
Contribute to practice enablement and business development activities (development of SOW’s, RFPs in alignment to client’s requirement, etc.)
Drive initiatives to develop innovation quotient (publishing whitepapers, help develop business case for an innovative technical idea to seek investments, point of view, etc.)
Position Requirements
In-depth understanding of cyber resilience principles, business continuity, and disaster recovery frameworks.
Knowledge of network security/hardening, whitelisting, and cybersecurity best practices.
Proficiency in conducting risk assessments and developing IT Disaster Recovery plans and procedures.
Good knowledge of cybersecurity principles, theories, and techniques.
Knowledge of relevant standards and regulations, including ISO 27001, ISO 22301, NIST SP 800-61, and the Digital Operational Resilience Act (DORA).
Experience working with frameworks such as MITRE ATT&CK, NIST, and SANS Incident Response.
Understanding of information security management systems (ISMS) and enterprise risk management (ERM) practices.
Experience in creating and maintaining Business Continuity Plans (BCPs), Crisis Management Plans (CMPs), and IT Disaster Recovery (ITDR) plans.
Demonstrate application of business acumen while leveraging technologies.
Desired Knowledge
Relevant certifications such as ISO 22301, Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM) are highly desirable.
Excellent leadership, teamwork, and collaboration skills.
Practical experience in conducting business continuity and cyber resiliency testing and simulations.
Proficient in security operations, particularly in handling security incidents, cyber threat intelligence, and proactive threat hunting.
Hands-on experience with cyber defense security technologies, including SIEM, security detection platforms (IPS/IDS), and EDR/XDR (defense-in-depth).
Experience working with cloud platforms such as AWS, Azure, or GCP.
Years of experience
Minimum of 3-8 years of experience in business continuity, cyber resilience, or a related field. Experience in a consulting environment is highly desirable.
Professional and Educational Background
BE / B Tech / MCA / MS / MBA (Field of Study: Computer and Information Science, Information Cybersecurity, Information Technology, Management Information Systems).
Additional Information
Travel Requirements: Not Applicable
Line of Service: Advisory
Industry: Consulting
Location: Bangalore, Hyderabad, Mumbai, Kolkata, Chennai, Pune
Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required:Degrees/Field of Study preferred:Certifications (if blank, certifications not specified)
Required Skills
Optional Skills
Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Anti-Money Laundering (AML), Coaching and Training, Communication, Compliance Advisement, Compliance Oversight, Compliance Program Implementation, Compliance Risk Assessment, Confidential Information Handling, Contract Review, Contractual Risk Mitigation, Contractual Risk Monitoring, Contract Writing, Creativity, Crisis Management, Data Loss Prevention (DLP), Data Security, Discretion and Business Ethics, Embracing Change, Emotional Regulation, Empathy, Financial Risk Management {+ 32 more}Desired Languages (If blank, desired languages not specified)
Travel Requirements
Not SpecifiedAvailable for Work Visa Sponsorship?
NoGovernment Clearance Required?
NoJob Posting End Date
At PwC, our purpose is to build trust in society and solve important problems. We’re a network of firms in 152 countries with over 327,000 people who are committed to delivering quality in assurance, advisory and tax services. Find out more and tell us what matters to you by visiting us at www.pwc.com. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity.
Content on this page has been prepared for general information only and is not intended to be relied upon as accounting, tax or professional advice. Please reach out to your advisors for specific advice.