PwC Recruitment Drive; Hiring Cyber Risk Associate – Apply Now

As a Associate, you will be aligned to our Strategy, Risk, & Compliance team which is focused on helping clients with their cybersecurity risk, compliance and governance efforts. You will be working as a part of the Risk & compliance team which is responsible for helping clients and organizations identify risks and create mitigation plans. you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. Candidates are advised to apply soon, before the link expires

Name of the Organization: PwC

Requisition ID: 587338WD

Positions: Cyber, Risk and Transformation Associate

Location: Chennai, Mumbai, Bangalore, Kolkata & Telangana

Salary: As per company Norms

Educational Qualifications:

• MCA / BE / B Tech / MS (Field of Study: Computer and Information Science, Information Cybersecurity, Information Technology, Management Information Systems).
• Certification(s) Preferred: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC)
• Minimum Years of Experience: 1 - 3 years

Position Requirements:

• Assess the effectiveness of control frameworks to mitigate risks and achieve organizational goals.
• Stay updated on relevant regulations, guidelines, and industry best practices to minimize risk and ensure compliance.
• Recommend and implement corrective action plans to address and mitigate identified risks.
• Conduct internal security evaluations to ensure compliance with regulatory and organizational standards.
• Possess strong experience in conducting organization standard/policy gap and maturity assessments using industry best practices (NIST/ISO/PCI, etc.).
• Analyze the security posture of organizations by assessing the design and implementation of security controls.
• Strong understanding of cybersecurity and risk control frameworks and their application in supplier management.
• Experience in vendor risk management, outsourcing risk management, technology risk, and information security.
• Comprehensive understanding of various components of an enterprise cybersecurity program, including governance structures, risk and threat management, key controls, key processes, security architecture, and security training programs.
• Recommend cybersecurity action plans to help organizations achieve their overall cybersecurity objectives.
• Hands-on experience and proficiency in creating, writing, and maintaining cybersecurity standards and policies.
• Experience partnering with various functions within the cybersecurity organization to capture and document services and associated core processes, work instructions, and templates.
• Perform various assessments, including maturity assessments, audit readiness, controls design and effectiveness, planning, and framework assessments.
• Develop program objectives for the design framework, encompassing the following elements:
• Establishment of the first, second, and third lines of defense.
• Formulation of clear vision and mission statements.
• Conducting current state and target state assessments.
• Planning and estimating the roadmap for the program.
• Implementing robust program governance.
• Creating target operating models for compliance standards such as NIST, PCI-DSS, HIPAA, HITRUST, ISO, and COBIT.
• Define and assess cloud architecture, including the development of cloud reference architecture, target state cloud architecture, compliance requirements, and migration strategies.
• Strong knowledge and experience with GRC tools, such as ServiceNow, MetricStream, OpenPages, Archer, and data analytics and visualization tools like PowerBI, Alteryx, and Tableau.
• Proven experience in implementing effective and innovative technology solutions.

Desired Knowledge:

• Excellent written and oral communication skills, can express thoughts clearly, knows how to listen and is able to contribute to a team environment. 
• Must communicate consistently and drive objectives, relying on fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance.
• Demonstrates proven extensive abilities with leveraging creative thinking and problem-solving skills, individual initiative, and utilizing Office 365, MS Office (Word, Excel, Access, PowerPoint) and Google Docs.
• Ability to create domain specific training content and deliver trainings effectively
• Good presentation, project management, facilitation and delivery skills as well as strong analytical and problem-solving capabilities.
• Develop/implement automation solutions and capabilities that are clearly aligned to client business, technology and threat posture.
• Demonstrates ability to track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in client’s security strategy plans and architecture artifacts. 

 

Apply Link – Click Here

For Regular Updates Join our WhatsApp – Click Here

For Regular Updates Join our Telegram – Click Here