FS X-Sector
Specialism: Risk
Summary
In threat intelligence and vulnerability management at PwC, you will focus on identifying and analysing potential threats to an organisation's security, as well as managing vulnerabilities to prevent cyber attacks. You will play a crucial role in safeguarding sensitive information and enabling the resilience of digital infrastructure.
We are seeking a highly skilled and experienced Cybersecurity/Risk Consulting Associate to join our Risk Consulting team. As a Cybersecurity Associate, you will be responsible for delivering high-quality cybersecurity, privacy and risk management services to our clients. You will work on various types of projects, including but not limited to security assessments, DLP, DAM, CASB, Data Discovery, Data Classification, Encryption, DSPM, Zero Trust solutions, cybersecurity audit projects, privacy assessments, risk assessments, cyber maturity assessments, security configuration review projects, industry framework-based reviews, and more. The ideal candidate should possess strong project management skills, technical expertise in cybersecurity, and a comprehensive understanding of best practices in the field.
Responsibilities
Project Management
Develop project plans, set project goals, and allocate resources effectively.
Deliver, monitor project progress, identify and resolve issues, and manage client expectations.
Track project milestones, deliverables, and timelines to ensure timely completion.
Provide regular project status updates to stakeholders, including clients and senior management.
Team Leadership and Mentoring
Foster a collaborative and inclusive work environment that encourages professional growth.
Stay updated on industry certifications and encourage team members to pursue relevant certifications.
Client Relationship Management
Build and maintain strong relationships with clients, acting as their trusted advisor in cybersecurity and risk management.
Understand clients' business objectives and tailor consulting services to meet their specific needs.
Identify opportunities for additional services and upselling based on clients' evolving cybersecurity requirements.
Regularly communicate with clients to provide project updates, address concerns, and ensure client satisfaction.
Managing Data Protection (DLP, CASB, DAM, Data Discovery, Data Classification, Encryption, Zero Trust, DSPM) Projects
Coordinate and oversee Data Protection projects, including scoping, planning, and execution.
Deploy tools, analyze security incidents, and align project goals with business objectives.
Collaborate with clients to understand their specific security requirements and tailor policy development accordingly.
Prepare detailed documents for the policies, procedures, and implementation reports, outlining relevance and effectiveness.
Managing Cybersecurity Audit Projects
Plan and execute cyber audit projects based on industry standards and best practices.
Evaluate clients' information systems, processes, and controls to assess compliance with relevant regulations and frameworks.
Identify gaps and weaknesses in existing cybersecurity controls and recommend remedial actions.
Review and assess the effectiveness of clients' cybersecurity policies, procedures, and incident response plans.
Prepare audit reports summarizing findings, recommendations, and areas for improvement.
Conduct ISO audits to evaluate clients' compliance with ISO 27001 and other relevant standards.
Assess clients' information security management systems and processes.
Identify non-compliance issues and provide recommendations for achieving ISO certification.
Collaborate with clients to develop and implement necessary controls and security measures.
Privacy Assessments
Assist clients in developing Data Protection and privacy policies.
Evaluate data protection and privacy practices.
Conduct Privacy Impact Assessments.
Support and guide clients in adhering to the complex web of relevant national and international regulations (e.g., GDPR, DPDPA).
Cybersecurity Maturity Assessments
Evaluate clients' cybersecurity maturity levels based on industry frameworks (e.g., NIST CSF).
Assess the effectiveness of clients' security controls and programs.
Identify gaps and areas for improvement to enhance clients' cybersecurity posture.
Develop and present maturity assessment reports, including recommendations for enhancing cybersecurity maturity.
Cybersecurity Policies and Procedures
Develop and review cybersecurity policies, standards, and procedures for clients.
Ensure policies are aligned with industry best practices, regulatory requirements, and clients' specific needs.
Collaborate with clients to establish governance frameworks for policy implementation and enforcement.
Conduct policy gap assessments and recommend updates or enhancements as needed.
Assist clients in developing incident response plans, disaster recovery plans, and business continuity plans.
Provide guidance on policy enforcement, employee awareness, and compliance monitoring.
Stay updated on evolving cybersecurity threats and regulations to ensure policy relevance and effectiveness.
Security Awareness and Training
Develop and deliver cybersecurity awareness and training programs for clients' employees.
Educate clients on best practices for cybersecurity, including social engineering awareness, password hygiene, and data protection.
Stay updated on emerging threats and trends and incorporate relevant information into training programs.
Conduct phishing simulations and other security awareness activities to assess and improve clients' security awareness levels.
Regulatory Compliance
Stay informed about relevant cybersecurity regulations and compliance requirements.
Assist clients in understanding and complying with regulatory obligations.
Conduct compliance assessments to evaluate clients' adherence to applicable regulations.
Develop and implement compliance frameworks and controls.
Research and Thought Leadership
Conduct research on cybersecurity topics and contribute to the development of thought leadership materials (whitepapers, articles, etc.).
Present at industry conferences and events, showcasing expertise and promoting the consulting firm's capabilities.
Engage with industry forums and professional networks to stay connected with the cybersecurity community.
Good to have requirements
Regular MBA
Experience managing multiple projects simultaneously.
No gaps in education/experience (gaps, if any, must be justifiable).
Mandatory Skill Sets
Strong project management skills with the ability to lead and manage multiple projects simultaneously.
Experience with DLP, CASB, DAM, Encryption, DSPM, Zero Trust Implementation, Monitoring & Assessment, along with data discovery and data classification.
In-depth knowledge of cybersecurity frameworks, standards, and best practices (e.g., ISO 27001, NIST CSF, DPDP Act).
Preferred Skill Sets
Excellent communication and presentation skills with the ability to effectively convey complex technical concepts to non-technical stakeholders.
Strong analytical and problem-solving skills.
Ability to work independently and collaboratively in a team environment.
Attention to detail and commitment to delivering high-quality work.
Years of Experience required
Proven experience (10+ years) in a similar role, preferably in a consulting environment.
Education Qualification
Bachelor's or Master's degree in Cybersecurity, Information Technology, or a related field.
Education
Degrees/Field of Study required: Bachelor of Technology
Degrees/Field of Study preferred
Required Skills
Data Confidentiality
Accepting Feedback, Active Listening, Analytical Thinking, Cloud Security, Coaching and Feedback, Communication, Conducting Research, Creativity, Cyber Defense, Cyber Threat Intelligence, Embracing Change, Emotional Regulation, Empathy, Encryption, Inclusion, Information Security, Intellectual Curiosity, Intelligence Analysis, Intelligence Report, Intrusion Detection, Intrusion Detection System (IDS), IT Operations, Learning Agility, Malware Analysis