A career in our Risk and Compliance Management practice, within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. You’ll play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats. Our team helps organisations transform their governance, risk, and compliance activities into a tool that is able to anticipate and mitigate risk to drive business performance. In joining, you’ll develop risk management solutions, compliance and ethics controls, business continuity planning, internal audit procedures, and a compliance framework.
As a Director, you’ll work as part of a team of problem solvers with extensive consulting and industry experience, helping our clients solve their complex business issues from strategy to execution. Specific responsibilities include but are not limited to:
- Proactively lead the practise by setting strategy, drive the development of new business in the market, and provide technical advice across disciplines
- Building strong networks within the firm to spot and capitalise on opportunities to get involved in projects that others are leading across a number of different business units and sectors
- Identifying and discussing key issues with our clients to identify potential opportunities
- Responsibility for a majority of day to day client communications
- Responsibility to shape and deliver various projects that exceed the expectations of our clients and our own assignment quality criteria
- Manage and deliver large projects by developing the project team, assessing engagement risks throughout, driving conclusions, and reviewing / challenging the output produced by the team
- Responsibility for management of engagement financials
- Helping to grow and develop our team through hands on training and coaching
Job Requirements and Preferences:
Minimum Degree Required
Minimum Years Of Experience
Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), ISACA Certified in Risk and Information Systems Control (CRISC)
Demonstrates proven thought leadership and success in roles directing cyber-risk management, including the following areas: – Being recognized as an industry leader, providing thought leadership in cyber-risk management and the financial services industry; – Generating revenue and maintaining client relationships within the financial services industry; and, – Managing and overseeing large projects involving information security, technology risk management, cybersecurity or cyber-risk management. – Leading project workstreams and associated staff on complex cyber risk management engagements – Familiarity with common regulatory requirements such as OCC HS, FFIEC, GLBA, NY DFS etc. as well as industry frameworks such as NIST CSF, COBIT, COSO and PCI
Demonstrates proven thought leader abilities, competencies and success solving complex cyber-risk management issues, including the following areas:
- Design and development of IT Risk and Cyber security programs using industry frameworks and methodologies;
- Advising clients on complying with regulatory requirements such as OCC HS, FFIEC, GLBA, NY DFS etc. as well as industry frameworks such as NIST CSF, COBIT, COSO and PCI
- Building and operationalizing complex IT risk management and cyber security programs for clients
- Leading the development of frameworks, strategies, and operating models on IT risk management and cyber security for clients
- Implementation and maintenance of enterprise-wide cyber risk governance frameworks;
- Assessment of enterprise-wide business risks and cyber threats; Development of detailed business risk scenarios and cyber threat models; Design and implementation of cyber risk management controls; Monitoring and reporting of cyber risks, threats and vulnerabilities;
- Development, implementation and periodic testing of cyber resiliency plans; Use of tools and technology to provide data analytics and business intelligence on cyber threats, risks and vulnerabilities.
- Designing KRIs and metrics to build risk reports for management Demonstrates proven thought leader abilities to obtain and lead client engagements that identify and address client needs, including these areas:
- Participating actively in client discussions and meetings;
- Communicating a broad range of PwC services; – Managing and overseeing engagements;
- Preparing concise and accurate documents – leveraging and utilizing MS Office and Lotus Notes to complete related project deliverable;
- Managing project financials in line with agreed-upon budgets.
Demonstrates proven thought leadership abilities with directing and business functions and teams, including these areas:
- Creating a positive working environment by monitoring and managing workloads of the team – balancing client expectations with the work-life quality of team members;
- Providing candid, meaningful feedback in a timely manner to team members; – Keeping leadership informed of progress and issues
All qualified applicants will receive consideration for employment at PwC without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran, marital, or citizenship status; or any other status protected by law. PwC is proud to be an affirmative action and equal opportunity employer.
Click here to apply.