Line of Service
AdvisoryIndustry/Sector
Not ApplicableSpecialism
Cybersecurity & PrivacyManagement Level
Senior AssociateJob Description & Summary
A career in our Cybersecurity, Privacy and Forensics will provide you the opportunity to solve our clients most critical business and data protection related challenges. You will be part of a growing team driving strategic programs, data analytics, innovation, deals, cyber resilency, response, and technical implementation activities. You will have access to not only the top Cybersecurity, Privacy and Forensics professionals at PwC, but at our clients and industry analysts across the globe.Our Strategy and Program Design team focuses on helping our clients assess, design, implement, and maintain an effective cybersecurity program that protects against threats, manages risk, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. You'll play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing programs to deliver continuous operational improvements and increasing their strategic cybersecurity investments while aligning to business imperatives.
Our team helps organisations develop strategy and/or governance structures to improve the effectiveness of their cyber operations. In joining our team, you’ll design a blueprint of our clients future operating models as well as a roadmap outlining the various initiatives required to get there. Additionally, you’ll help design and implement organisational, metrics and reporting, and risk management changes necessary to execute strategy.
To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be an authentic and inclusive leader, at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.
As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:
Use feedback and reflection to develop self awareness, personal strengths and address development areas.Delegate to others to provide stretch opportunities and coach to help deliver results.Develop new ideas and propose innovative solutions to problems.Use a broad range of tools and techniques to extract insights from from current trends in business area.Review your work and that of others for quality, accuracy and relevance.Share relevant thought leadership.Use straightforward communication, in a structured way, when influencing others.Able to read situations and modify behavior to build quality, diverse relationships.Uphold the firm's code of ethics and business conduct.The NIST experienced Senior Associate will play a vital role in identifying cyber risks and describing the desired outcomes. The ideal candidate should have a strong understanding of NIST CSF (NIST Cybersecurity Framework) and other NIST and industry recognized standards, possess excellent communication and organizational skills, and be able to work independently as well as part of a team. The NIST Experienced Senior Associate is expected to assist in the following activities:
● Independently perform NIST CSF Maturity Assessments in collaboration with the client’s sponsor, identify and engage with stakeholders across different functional areas, including but not limited to the business, IT, Security, Legal & Compliance, and HR.
● Understand clients’ security organization, including roles and responsibilities, interactions with other enterprise functions and role of third parties, etc.
● Participate or facilitate workshops and/or individual interviews to identify, document gaps and current state of Cybersecurity.
● Review IT and security architectures, design patterns, and other technical documentation.
● Draft assessment reports including Executive Summary, observations/recommendations/peer comparisons, benchmark etc.
● Suggest Cybersecurity strategic initiatives to achieve future/target state.
● Create a roadmap for identified cyber initiatives.
● Conduct NIST CSF, NIST 800-53, NIST 800-171, ISO, CRI etc. gap assessments or compliance testing.
● Perform evidence validation to ensure compliance.
● Define testing and sampling procedures.
● Develop SOW’s, RFP’s in alignment to client’s requirements and lead the CoE.
● Lead business development efforts in alignment to NIST CoE requirements. Years of Experience
● 4-8 years of Information Security industry experience and min 3+ relevant experience in NIST CSF Maturity Assessments, ISO,FFIEC, Cloud security CRI (desired).
Position Requirements
● Conduct Maturity assessments based on NIST frameworks.
● Perform gap assessments and Control testing using NIST standard/frameworks.
● Good understanding of compliance standards/frameworks like ISO 27001/27002, NIST, COBIT, SOX, GLBA, SSAE16/SOC 2, etc. will be an advantage.
● Excellent written and oral communication skills, can express thoughts clearly, knows how to listen, take detailed notes and contribute in a team environment. Desired Knowledge
● NIST CSF, NIST 800-53, NIST 800-171, Cloud security and other industry standards such as ISO, PCI, HITRUST etc.
● Excellent leadership, teamwork and collaboration skills.
● Ability to quickly acquire and utilize knowledge on new technologies and solutions, emerging threats and vulnerabilities. Desired Skills
● Excellent MS-Office skills
● Results oriented, high energy, self-motivated.
Professional and Educational Background
● MCA / BE / B Tech / MS (Field of Study: Computer and Information Science, Information Cybersecurity, Information Technology, Management Information Systems).
● Certification(s) Preferred: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC). Additional Information Travel Requirements: Not Applicable
● Line of Service: Advisory
● Industry: Consulting
● Must be ready to work on-site full-time (timings will be 2 pm or sooner until 11 pm IST) Minimum Years of Experience: 4 - 8 years
©
Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required:Degrees/Field of Study preferred:Certifications (if blank, certifications not specified)
Required Skills
Optional Skills
Desired Languages (If blank, desired languages not specified)
Travel Requirements
0%Available for Work Visa Sponsorship?
NoGovernment Clearance Required?
NoJob Posting End Date