Information Security Manager

A career in Information Security, within Internal Firm Services, will provide you with the opportunity to develop and support our internal security technologies and services across the entire global and local PwC network. You'll focus on being the forefront of designing, developing, and implementing information technology including hardware, software, and networks that enhance security of internal information and protect our firm's intellectual assets. If you are seeking an exciting career with the scope to grow your cyber security and technology skills through major change on a global scale, then NIS and PwC Technology will empower you to do so. NIS built the first global cyber security function at PwC. Our mission is to protect over 370,000 PwC professionals across 149 member firms worldwide as well as our global clients. Our team leads the information security strategy within PwC. The overall goals for the function include the identification, tracking and mitigation of risk, as well as offering in-depth expertise to ensure credibility and confidence in the handling of client, firm, or employee data. We work closely with stakeholders to understand their business objectives to enable us to have full visibility into potential information security risks across our estate. Joining this team, you'll provide the customer centric perspective to enable PwC to deliver maximum value to the customer, the PwC Network of firms, and PwC's clients. If you love the business side of information security, this is the place to be. Within the CISO pillar we work closely with member firm stakeholders to understand their business model and roadmap for technology. In turn, the CISO pillar outlines the roadmap for NIS and drives engagement and adoption of central security services in line with the PwC Cyber Readiness program. Management of relationships between NIS and the business is key to delivering the cyber readiness mission. Whether it be integrating solutions, driving operational processes or providing guidance back to NIS to further enhance our strategy, CISO pillar provides the engagement and personal touch to enable NIS to deliver maximum value to the customer, the PwC Network of firms.

Eligibility / Qualification Required:

• Education:
  • Degrees/Field of Study required: Undergraduate Degree (e.g., BIT, BSc) in STEM or equivalent work experience.
  • Degrees/Field of Study preferred: Not specified.
• Experience: 4-6 years of progressive professional roles involving information security, IT management and/or major program management.
• Certifications: Professional certifications such as CISA or CISSP are highly preferred, demonstrating expertise in information security, risk management, and compliance.
• Essential Skills & Responsibilities:
  • Lead and support multiple cybersecurity initiatives, including projects related to compliance, risk management, threat analysis, application security, vulnerability assessments, and regulatory adherence.
  • Engage with Line of Service stakeholders to assess security threats/vulnerabilities and manage business risk.
  • Work with other NIS teams both locally, regionally, and globally to deliver the security needs specific to the firm.
  • Ability to lead and manage a team effectively. The ideal candidate should be proactive, dynamic, and self-driven, with the capability to handle challenging situations, prioritize tasks, manage and mitigate risks, and ensure timely closure.
  • Help the business comply with the Information Security Policy by leveraging cyber security knowledge and expertise.
  • Experience managing multi-function relationships throughout major transformation.
  • Experience in a role balanced between business stakeholders and a central service organization.
  • Navigating a multifaceted, matrix organization and collaborating with multiple stakeholders across functional and technical skillsets.
  • Technical: Broad understanding of security technology.
  • Business: Ability to frame threats and exposures in a business context recognized by non-technical staff and executives.
  • Domain landscape: Knowledge of technical security principles and its application.
  • Experience in managing and ensuring compliance with cybersecurity regulations and frameworks, such as MAS, CSA, and other relevant industry standards.
  • Address conflicts or issues, engaging in difficult conversations with clients, team members and other stakeholders, escalating where appropriate.
  • Ability to leverage business communication skills to inform, persuade, and teach stakeholders across a global network of member firms’ staff and leadership to enable effective information security activities and processes in line with the cyber readiness program.
  • Ability to prioritize risk, manage effective teams to drive completion of activities, passionate in provide coaching and training to team members to motivate and grow the team.
  • Possess deep knowledge in a specific subject matter area or technical domain related to the Information Security Services function that is applied to solve business problems and deliver necessary results.
  • Incorporates existing Firm knowledge, subject matter, or technical domain expertise into work activities.
  • Demonstrates proven skills and thorough comprehension of managing efforts within business engagement and relationship management space.
  • Monitor workloads within the team to deliver against the requirements within CISO Services while making sure leadership is informed of progress and issues.
  • Build and maintain relationships across the network of firms to effectively deliver security activities on behalf of NIS.
  • Executes tasks aligned to CISO pillar with autonomy.
• Required Attributes/Skills:
  • Analytical: Proactive, inquisitive nature and intuition regarding what questions to ask, when, and their relative significance. Able to navigate complex environments and find solutions to reduce security risk. Innovate, think outside of the box and build process efficiency to deliver service excellence.
  • Business: High level understanding of PwC’s business model, service offerings, and business operating environment as it pertains to the firm’s threat landscape. Ability to frame threats and exposures in a business context recognized by non-technical staff and executives.
  • Domain landscape: Knowledge of information security risk and compliance principles.
  • Communication: Ability to leverage business communication skills to inform, persuade, and teach stakeholders across a global network of member firms’ staff and leadership to enable effective information security activities and processes in line with the cyber readiness program.
  • General Skills: Accepting Feedback, Active Listening, Analytical Thinking, Azure Data Factory, Coaching and Feedback, Communication, Creativity, Cybersecurity, Cybersecurity Governance, Data Architecture, Data Archiving, Data Flow Mapping, Data Privacy Act, Embracing Change, Emotional Regulation, Empathy, Enterprise Content Management, Incident Response Plan, Inclusion, Information Rights Management (IRM), Information Security, Information Security Governance, Information Security Management System (ISMS), Intellectual Curiosity.
• Travel Requirements: Up to 20%.
• Available for Work Visa Sponsorship: No.
• Government Clearance Required: No.

Join us and be a part of a dynamic team that is dedicated to creating an engaging and effective learning environment for our diverse workforce. Your enthusiasm and contributions will support the success of our training initiatives and contribute to our company's growth.

General Conditions:

General conditions are not specified in the job description.

How to Apply:

Application instructions are not provided in the job description.
View Official Posting & Apply