About the role
PwC’s global cybersecurity strategy revolves around 4 key points: to identify, control, and reduce the attack surface across the member firm network, and increase our adversaries’ cost of attack. Our mission protects 370,000+ PwC members across 149 member firms worldwide, as well as our global clients.
Within PwC’s Global Network Information Security (NIS) team, the UK NIS Governance, Risk & Compliance (GRC) team acts as a trusted risk advisor to the UK business. By providing guidance on cybersecurity-related risks and ensuring alignment with PwC’s global cybersecurity strategy, we help our UK stakeholders implement effective security measures to mitigate risks and protect the firm's interests.
We are looking for a new team member to join as an Information Security Risk Advisor – Associate to begin or build on their information/cyber security career.
What your days will look like:
The focus of the role is on risk management activities, which help to identify and reduce risks associated with technology used within the UK firm. You’ll report into the Risk Management Manager and benefit from the support of the wider team.
Organise and manage activities, prioritising requests based on criticality and risk posed to the organisation
Liaise with key stakeholders to gather information on relevant technologies
Support the Risk Management Manager with conducting risk assessments to identify areas of risk and non-compliance to management and senior stakeholders
Evaluate impact of risk on the organisation e.g. if a risk was exploited, what would be the financial or reputational impact
Support remediation of risk, manage and track identified risks until closure
Point of contact for business teams for information security-related questions
Deliver ad hoc, daily, weekly, monthly, and quarterly reports as required by leadership and stakeholders
Take ownership for delivery of assigned tasks; monitor and maintain personal Key Performance Indicators (KPIs), ensure targets and deadlines are met
Support key strategic projects, communications, process improvements, knowledge sharing, and social activities.
This role is for you if:
A strong interest in building a career in information / cyber security;
A formal qualification in Information Security;
Experience in a relevant information security or IT role is highly desirable but not essential;
An eye for detail and the ability to question the accuracy of information;
Inquisitive nature and intuition regarding what questions to ask, when, and their relative significance - a desire and enjoyment to learn;
Ability to manage varied workload, prioritise and recognise when to escalate to senior team members;
Customer service-oriented, enjoys problem-solving, and works well with business teams;
Capable of writing succinctly and presenting for positive outcomes;
Basic to intermediate data manipulation and visualisation skills eg: PowerBI, Alteryx; Excel;
Interest in PwC's business model, services, and threat landscape; and hands-on experience with Microsoft M365 is desirable but not essential.
What you'll receive from us:
No matter where you may be in your career or personal life, our benefits are designed to add value and support, recognising and rewarding you fairly for your contributions.
We offer a range of benefits including empowered flexibility and a working week split between office, home and client site; private medical cover and 24/7 access to a qualified virtual GP; six volunteering days a year and much more.
