Job
Description
At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In cybersecurity incident management at PwC, you will focus on effectively responding to, and mitigating, cyber threats, maintaining the security of client systems and data. You will be responsible for identifying, analysing, and resolving security incidents to minimise potential damage and protect against future attacks. Driven by curiosity, you are a reliable, contributing member of a team. In our fast-paced environment, you are expected to adapt to working with a variety of clients and team members, each presenting varying challenges and scope. Every experience is an opportunity to learn and grow. You are expected to take ownership and consistently deliver quality work that drives value for our clients and success as a team. As you navigate through the Firm, you build a brand for yourself, opening doors to more opportunities. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Apply a learning mindset and take ownership for your own development. Appreciate diverse perspectives, needs, and feelings of others. Adopt habits to sustain high performance and develop your potential. Actively listen, ask questions to check understanding, and clearly express ideas. Seek, reflect, act on, and give feedback. Gather information from a range of sources to analyse facts and discern patterns. Commit to understanding how the business works and building commercial awareness. Learn and apply professional and technical standards (e.g. refer to specific PwC tax and audit guidance), uphold the Firm's code of conduct and independence requirements. Associate Qualifications Cybersecurity Inquiry & Response Analyst Job Description 1–3 years of experience in a cybersecurity, compliance, IT audit, or GRC support role. Understanding of cybersecurity principles and frameworks (e.g., NIST CSF, ISO 27001, SOC 2, HIPAA). Exposure to cybersecurity audits or assessments. Familiarity with IAM, Cloud Security, or SOC operations. Strong communication and documentation skills; ability to translate technical content into business language. Experience using ticketing, workflow, or GRC tools (e.g., ServiceNow, Jira, Archer). High attention to detail and ability to manage multiple tasks in a fast-paced environment. Strong problem-solving skills and willingness to learn across a wide range of cyber domains. Fundamental knowledge of data privacy and protection regulations (e.g., CCPA, GDPR). Senior Associate Qualifications 4-6 years of experience in a cybersecurity, compliance, IT audit, or GRC support role. Understanding of cybersecurity principles and frameworks (e.g., NIST CSF, ISO 27001, SOC 2, HIPAA). Exposure to cybersecurity audits or assessments. Familiarity with IAM, Cloud Security, or SOC operations. Strong communication and documentation skills; ability to translate technical content into business language. Experience using ticketing, workflow, or GRC tools (e.g., ServiceNow, Jira, Archer). High attention to detail and ability to manage multiple tasks in a fast-paced environment. Strong problem-solving skills and willingness to learn across a wide range of cyber domains. Fundamental knowledge of data privacy and protection regulations (e.g., CCPA, GDPR). Key Responsibilities Manage the intake and triage of cybersecurity-related inquiries from internal and external sources. Coordinate with subject matter experts (SMEs) to collect and validate evidence or control documentation. Draft and deliver clear, accurate responses to inquiries, following internal approval workflows. Track inquiry status, response times, and documentation in a centralized tracking system (e.g., ServiceNow, Jira). Identify trends or recurring inquiry themes and collaborate with teams to proactively address root causes. Ensure that all inquiry responses are compliant with internal policies and regulatory requirements (e.g., HIPAA, SOC 2, ISO 27001, NIST). Assist in developing and maintaining response templates, SOPs, and knowledge base articles. Support audit readiness by ensuring completeness of inquiry-related documentation and logs. Partner with cyber compliance, IAM, and GRC teams to improve the inquiry response lifecycle through automation or workflow enhancements. Show more Show less
