Cyber Risk Manager

A career in our Cybersecurity, Privacy and Forensics will provide you the opportunity to solve our clients most critical business and data protection related challenges. You will be part of a growing team driving strategic programs, data analytics, innovation, deals, cyber resilency, response, and technical implementation activities. You will have access to not only the top Cybersecurity, Privacy and Forensics professionals at PwC, but at our clients and industry analysts across the globe.

Our Regulatory Compliance team focuses on helping our clients understand their regulatory landscape on a domestic and global scale. You’ll work with our clients aligning a number of different cyber, privacy and industry frameworks and requirements to their business. This includes, but is not limited to: NIST CSF, ITIL, HIPAA, PCI, FDA, FERC/NERC, OCC, FFIEC, ABAC, Cyber Executive Orders, etc. Our team designs, implements, and maintains an effective compliance program that helps our clients manage the risks against regulatory compliance obligations, as well as control framework commitments to their Board/stakeholders.

Our team also works with regulatory examiners, investigators, and industry leaders to continue to stay ahead of upcoming regulatory changes or enforcements. We help inform our clients on controls or requirements that require enhancements, and help with the compliance change management components driving new technical and business requirements out to their end users. You will be part of a team that not only assesses organizational compliance, but helps clients to strategically think through the best way to manage in a cost-effective, yet defensible manner.

To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be an authentic and inclusive leader, at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.

As a Manager, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

• Pursue opportunities to develop existing and new skills outside of comfort zone.

• Act to resolve issues which prevent effective team working, even during times of change and uncertainty.

• Coach others and encourage them to take ownership of their development.

• Analyse complex ideas or proposals and build a range of meaningful recommendations.

• Use multiple sources of information including broader stakeholder views to develop solutions and recommendations.

• Address sub-standard work or work that does not meet firm's/client's expectations.

• Develop a perspective on key global trends, including globalisation, and how they impact the firm and our clients.

• Manage a variety of viewpoints to build consensus and create positive outcomes for all parties.

• Focus on building trusted relationships.

• Uphold the firm's code of ethics and business conduct.

Job Requirements and Preferences:

Basic Qualifications:

Minimum Degree Required:
Bachelor Degree

Minimum Years of Experience:
6 year(s)

Preferred Qualifications:

Certification(s) Preferred:

Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), ISACA Certified in Risk and Information Systems Control (CRISC)

Preferred Knowledge/Skills:

Demonstrates extensive knowledge and/or a proven record of success in:

• Providing industry-leading practices in cyber risk management and regulatory compliance

• Leveraging knowledge of common regulatory requirements such as OCC HS, FFIEC, GLBA, NY DFS etc. as well as industry frameworks such as NIST CSF, COBIT, COSO and PCI

• Managing and overseeing large projects involving information security, technology risk management, cybersecurity or cyber risk management

Demonstrates extensive abilities and/or a proven record of success in:

• Designing and implementing enterprise-wide cyber risk governance frameworks

• Developing detailed business risk scenarios and cyber threat models

• Assessing enterprise-wide business risks and cyber threats;

• Designing and implementing cyber risk management controls

• Monitoring and reporting of cyber risks, threats and vulnerabilities

• Designing KRIs and metrics to build risk reports for management

• Developing, implementing and testing cyber resiliency plans

• Using tools and technology to provide data analytics and business intelligence on cyber threats, risk and vulnerabilities

• Developing cyber risk management strategies and operating models for clients

• Building and operationalizing complex cybersecurity and cyber risk management programs for clients

• Preparing concise and accurate documents, leveraging and utilizing MS Office and Google Suite to complete related project deliverables

• Managing project financials in line with agreed-upon budgets

• Creating a positive working environment by monitoring and managing workloads of the team – balancing client expectations with the work-life quality of team members

• Keeping leadership and engagement management informed of progress and issues