Job Description

Line of Service AdvisoryIndustry/Sector Not ApplicableSpecialism Cybersecurity & PrivacyManagement Level Senior Associate & Summary A career in our Cybersecurity, Privacy and Forensics will provide you the opportunity to solve our clients most critical business and data protection related challenges. You will be part of a growing team driving strategic programs, data analytics, innovation, deals, cyber resilency, response, and technical implementation activities. You will have access to not only the top Cybersecurity, Privacy and Forensics professionals at PwC, but at our clients and industry analysts across the globe.Our Strategy and Program Design team focuses on helping our clients assess, design, implement, and maintain an effective cybersecurity program that protects against threats, manages risk, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. You'll play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing programs to deliver continuous operational improvements and increasing their strategic cybersecurity investments while aligning to business imperatives.Our team helps organisations develop strategy and/or governance structures to improve the effectiveness of their cyber operations. In joining our team, youxe2x80x99ll design a blueprint of our clients future operating models as well as a roadmap outlining the various initiatives required to get there. Additionally, youxe2x80x99ll help design and implement organisational, metrics and reporting, and risk management changes necessary to execute strategy.To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be an authentic and inclusive leader, at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

• Use feedback and reflection to develop self awareness, personal strengths and address development areas.
• Delegate to others to provide stretch opportunities and coach to help deliver results.
• Develop new ideas and propose innovative solutions to problems.
• Use a broad range of tools and techniques to extract insights from from current trends in business area.
• Review your work and that of others for quality, accuracy and relevance.
• Share relevant thought leadership.
• Use straightforward communication, in a structured way, when influencing others.
• Able to read situations and modify behavior to build quality, diverse relationships.
• Uphold the firm's code of ethics and business conduct.

The NIST experienced Senior Associate will play a vital role in identifying cyber risks and describing the desired outcomes. The ideal candidate should have a strong understanding of NIST CSF (NIST Cybersecurity Framework) and other NIST and industry recognized standards, possess excellent communication and organizational skills, and be able to work independently as well as part of a team. The NIST Experienced Senior Associate is expected to assist in the following activities:
xe2x97x8f Independently perform NIST CSF Maturity Assessments in collaboration with the clientxe2x80x99s sponsor, identify and engage with stakeholders across different functional areas, including but not limited to the business, IT, Security, Legal & Compliance, and HR.
xe2x97x8f Understand clientsxe2x80x99 security organization, including roles and responsibilities, interactions with other enterprise functions and role of third parties, etc.
xe2x97x8f Participate or facilitate workshops and/or individual interviews to identify, document gaps and current state of Cybersecurity.
xe2x97x8f Review IT and security architectures, design patterns, and other technical documentation.
xe2x97x8f Draft assessment reports including Executive Summary, observations/recommendations/peer comparisons, benchmark etc.
xe2x97x8f Suggest Cybersecurity strategic initiatives to achieve future/target state.
xe2x97x8f Create a roadmap for identified cyber initiatives.
xe2x97x8f Conduct NIST CSF, NIST 800-53, NIST 800-171, ISO, CRI etc. gap assessments or compliance testing.
xe2x97x8f Perform evidence validation to ensure compliance.
xe2x97x8f Define testing and sampling procedures.
xe2x97x8f Develop SOWxe2x80x99s, RFPxe2x80x99s in alignment to clientxe2x80x99s requirements and lead the CoE.
xe2x97x8f Lead business development efforts in alignment to NIST CoE requirements. Years of Experience
xe2x97x8f 4-8 years of Information Security industry experience and min 3+ relevant experience in NIST CSF Maturity Assessments, ISO,FFIEC, Cloud security CRI (desired).Position Requirements
xe2x97x8f Conduct Maturity assessments based on NIST frameworks.
xe2x97x8f Perform gap assessments and Control testing using NIST standard/frameworks.
xe2x97x8f Good understanding of compliance standards/frameworks like ISO 27001/27002, NIST, COBIT, SOX, GLBA, SSAE16/SOC 2, etc. will be an advantage.
xe2x97x8f Excellent written and oral communication skills, can express thoughts clearly, knows how to listen, take detailed notes and contribute in a team environment. Desired Knowledge
xe2x97x8f NIST CSF, NIST 800-53, NIST 800-171, Cloud security and other industry standards such as ISO, PCI, HITRUST etc.
xe2x97x8f Excellent leadership, teamwork and collaboration skills.
xe2x97x8f Ability to quickly acquire and utilize knowledge on new technologies and solutions, emerging threats and vulnerabilities. Desired Skills
xe2x97x8f Excellent MS-Office skills
xe2x97x8f Results oriented, high energy, self-motivated.Professional and Educational Background
xe2x97x8f MCA / BE / B Tech / MS (Field of Study: Computer and Information Science, Information Cybersecurity, Information Technology, Management Information Systems).
xe2x97x8f Certification(s) Preferred: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC). Additional Information Travel Requirements: Not Applicable
xe2x97x8f Line of Service: Advisory
xe2x97x8f Industry: Consulting
xe2x97x8f Must be ready to work on-site full-time (timings will be 2 pm or sooner until 11 pm IST) Minimum Years of Experience: 4 - 8 years
xc2xa9Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required:Degrees/Field of Study preferred:Certifications (if blank, certifications not specified)Required SkillsOptional SkillsDesired Languages (If blank, desired languages not specified)Travel Requirements 0%Available for Work Visa Sponsorship? NoGovernment Clearance Required? NoJob Posting End Date

PwC