PwC
We are a community of solvers combining human ingenuity, experience and technology innovation to help organisations build trust and deliver sustained outcomes.
Line of Service: Advisory
Industry/Sector: Not Applicable
Specialism: Cybersecurity & Privacy
Management Level: Manager
Job Description & Summary: A career within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats.
About the Role:
- Design Cybersecurity framework based on business objectives and strategic imperatives of the client organisation including goals, vision, mission, and operational plans.
- Devise a cybersecurity strategy encompassing enterprise security architecture, design, and program transformation.
- Design and operate governance and security processes at system, network and application levels.
- Maintain continuous communication with key stakeholders in support of the security strategy, and plan and solicit feedbacks, to uplift the programs and capabilities.
- Be abreast of best practices, vendor capabilities, and frameworks, to sustain a best-in-class and highly innovative security program.
- Monitor processes and drive improvements in efficiency and quality of security program.
- Assist in development of workflows for transitioning strategic plans into implementation plans and operational readiness.
- Facilitate strategic planning initiatives, documentation, technical roadmaps and security tool rationalisation.
- Define security policy and standards framework definition.
- Assist in designing the security organisation structure.
- Develop security policies, procedures, standards based on the security strategy and roadmap.
- Review of cybersecurity policies and processes to identify gaps in design of control based on comprehensive assessment framework.
- Conduct security process implementation reviews to assess security effectiveness and reporting.
- Conduct Current State Assessment of cybersecurity practices against the defined controls and provide recommendations for to-be state.
- Define risk management techniques around threats and vulnerabilities identified.
- Conduct Risk Assessment and Threat Assessment based on best practices to realise the cybersecurity strategy.
- Run Cyber Security Diagnostic Assessments and develop programs for cybersecurity skill development and enhancement.
- Design cybersecurity awareness and stakeholder sensitisation program including materials, posters, newsletters, training workshops, etc.
- Provide certification advisory across Information Security Management System (ISMS), Privacy Management System (PMS), Business Continuity Management Systems (BCMS), PCI DSS etc.
- Implement security controls for realisation of the certification requirements and provide technology roadmap based on the security strategy.
About you:
- Bachelor’s degree in Computer Science, Information Systems, Information Technology, Engineering, or equivalent education.
- Minimum 4 - 5 years of relevant experience.
- Essential Skills: Professional certifications – relevant cybersecurity certification, CISSP/CISA/CISM/ISO 27001 Lead Auditor, ISO 27001 Lead Implementer, ISO 22301 Lead Implementer, ISO 29001 Privacy.
- Knowledge of PCI, NIST and other security standards.
- Strong interpersonal skills and customer service skills.
- Deliver in highly collaborative and impactful manner.
- Proficient in development of high-quality professional presentation for business.
- Passionate about analysing evolving security challenges, and developing innovative security solutions working with internal customers.
- Coordinate between business stakeholders and technical teams.
- Strong oral and written skills involving both business and technical sides.
Travel Requirements: Up to 80%
Available for Work Visa Sponsorship? No
Government Clearance Required? No
Job Posting End Date: October 28, 2024