Information Security Associate

Line of Service

Internal Firm Services

Industry/Sector

Not Applicable

Specialism

IFS – Risk & Quality (R&Q)

Management Level

Associate

Job Description & Summary

If you love the business side of information security this is the place to be. Within the CISO pillar we work closely with member firm stakeholders to understand their business model and roadmap for technology.

In turn the CISO pillar outlines the roadmap for NIS and drives engagement and adoption of central security services in line with the PwC Cyber Readiness program.

Our mission is to identify, control, and reduce the attack surface across the network of member firms while increasing our adversaries’ cost of attack.

Network Information Security team is redefining cyber security on a global scale at PwC. Our mission protects 223,000 PwC members across 157 member firms worldwide, as well as our global clients.

If you are seeking an exciting career with the scope to grow your information and cyber security skills, then NIS will empower you to do so.

Roles & Responsibilities:

Project Support:

• Assist in the planning, execution, and monitoring of projects.
• Utilise strong critical thinking and problem solving skills day to day
• Collaborate with team members to ensure project deliverables are met on time and within scope.
• Prepare and maintain project documentation, including reports, presentations, and meeting minutes.
• Quickly adapt to changing priorities and project requirements.
• Demonstrate flexibility in managing tasks and responsibilities in a dynamic work environment.
• Proactively identify and address potential issues or roadblocks to ensure smooth project execution.
• Work with other NIS teams both locally, regionally and globally to deliver the security needs specific to the firm.

Compliance and Vulnerability Management:

• Support work in vulnerability management and compliance activities
• Handles BAU activities such as managing security exceptions
• Help the business comply with the Information Security Policy by leveraging your cyber security knowledge and expertise.
• Collaborate with PwC IT and global team to align security process and tools.

Application Security:

• Guide and support the business team to complete all required security reviews
• Build knowledge on application security to effectively support security assessments
• Align with different global and local teams to identify and fix gaps or risk found.

Other

• Help with daily security incident handling
• Help to manage junior staff, eg. interns

An effective CISO pillar candidate will also possess the following skills/ Requirements

• Able to work in a fast-paced environment, can upskill quickly and learn proactively
• Analytical: Inquisitive nature and intuition regarding what questions to ask, when, and their relative significance.
• Technical: Broad understanding of security technology.
• Business: High level understanding of PwC’s business model, service offerings, and business operating environment as it pertains to the firm’s threat landscape. Ability to frame threats and exposures in a business context recognized by non-technical staff and executives.
• Individuals selected for this role are expected to have both extensive knowledge and managerial know-how related to the following aspects: Demonstrate flexibility in managing tasks and responsibilities in a dynamic work environment
• Understanding of technical and non-technical information security risks.
• Have skills to analyse data and visualise data (good to have knowledge of Excel, PowerPoint etc.)
• Good written and effective communicator to deal with various stakeholders
• Meticulous and possesses an eye for details
• Proactive, keen to learn, enjoys solving challenging problems, thinking outside of the box
• Diligent and open to feedback
• Experience in a role balanced between business stakeholders and a central service organization.
• Possess knowledge about application security to effectively support security assessments
• Time and Task Management: Ability to prioritise risk, manage a variety of take, take ownership to drive completion of activities and deliver on time

Education and Experience:

• Interest in Information Security
• Bachelor’s or master’s degree (technical degree) or equivalent Industry certification

Candidate Specifications:

Desired Certifications: (Certifications aren’t a prerequisite however are well regarded)

Education Level: Undergraduate Degree (e.g. BIT, BSc) STEM or equivalent work experience: 2 – 4 years’ of progressive professional roles involving information security, computer science and/or other technical background

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required:

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Application Security, Application Security Assessment, Application Security Assessments, Application Security Reviews, Application Security Testing, Cybersecurity Controls, Cyber Security Standards, Security Vulnerability Assessments, Threat and Vulnerability Assessment, Vulnerability Assessments, Web Application Security, Web Application Security Testing

Optional Skills

Accepting Feedback, Accepting Feedback, Active Listening, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Governance, Data Architecture, Data Archiving, Data Flow Mapping, Data Privacy Act, Emotional Regulation, Empathy, Enterprise Content Management, Incident Response Plan, Inclusion, Information Rights Management (IRM), Information Security, Information Security Governance, Information Security Management System (ISMS), Intellectual Curiosity, IT Infrastructure, Operating Model, Optimism, Privacy and Security {+ 6 more}

Desired Languages (If blank, desired languages not specified)

Travel Requirements

0%

Available for Work Visa Sponsorship?

No

Government Clearance Required?

No

Job Posting End Date

Read Full Description