PwC NIS Compliance Specialist in Tampa, Florida
PwC is a network of firms committed to delivering quality in assurance, tax and advisory services.
We help resolve complex issues for our clients and identify opportunities. Learn more about us at www.pwc.com/us.
At PwC, we develop leaders at all levels. The distinctive leadership framework we call the PwC Professional (http://pwc.to/pwcpro) provides our people with a road map to grow their skills and build their careers. Our approach to ongoing development shapes employees into leaders, no matter the role or job title.
Are you ready to build a career in a rapidly changing world? Developing as a PwC Professional means that you will be ready
- to create and capture opportunities to advance your career and fulfill your potential. To learn more, visit us at www.pwc.com/careers.
It takes talented people to support the US firm of the largest professional services organization in the world. Not all of us work directly with external clients. Some of our best people choose to apply their talents inside PwC.
As part of Internal Firm Services, you're serving an organization on par with many of our external clients. Our Internal Firm Services team consists of first-rate marketers, human resource professionals, computer technologists, knowledge managers, accountants, financial planners, administrators and leaders. Internal Firm Services staff are the people who make it work for the people who make it work for our clients.
Network Information Security organization is tasked with designing, implementing and maintaining information security capabilities and services for the PwC Network of member firms. The organization consists of highly skilled information security professionals across the globe that are focused on developing a leading security program across the Network of Firms, to foster clients' trust in our ability to secure their most sensitive data, to better position PwC to address clients' evolving needs and to harmonize the internal firm security strategy with client services go-to-market strategy. The group is leading PwC's Network Security Transformation Programme, which is a multi-year programme to enhance existing capabilities and build new capabilities to combat the ever more complex cyber threats.
Information Security Risk and compliance provides a range of services to the PwC Network of Firms that identify, quantify, and reduce risks to the security of information.
These services include IT risk assessment processes, meeting client security interactions, management of IT security controls, information risk assessments, data privacy reviews, managing compliance assessments, supply chain risk management, security policy development and IT risk due diligence. The team will interact with data privacy and legal organizations.
The NIS Compliance team is responsible for the development, implementation, and ongoing management for a range of information security and compliance services to demonstrate adherence to policies and standards for internal and external stakeholders.
Minimum Year(s) of Experience: 4
Minimum Degree Required: High School Diploma or GED
Degree Preferred: Bachelor's degree
Certification(s) Preferred: CISSP, CISM, CISA or equivalent
Demonstrates extensive knowledge of, and/or proven record of success in, roles involving the methods necessary to assess information security and compliance within a large (preferably global) organisation, including in the following areas:
Appropriate policies and standards application in security and compliance assessment execution;
IT security management and audit control frameworks (e.g. ISO 27001, COSO and COBIT);
IT security fundamentals across multiple domains, including security management, security architecture, access control, application development, operations security, physical security, cryptography, telecommunications and networking, business continuity planning, laws, investigations, data protection and privacy and ethics;
Project and Operational planning, administration and implementation; and,
Strong analytical skills to assess complex security solutions and to develop compensating controls.
Demonstrates extensive abilities and/or proven record of success in conducting security, compliance and/or data protection and privacy focused assessments, including in the following areas:
Planning, managing and conducting compliance, security, and privacy and data protection related audits and assessments of the organisationâ€™s IT infrastructure, applications and services to evaluate compliance with security policies and standards;
Assessing adherence to security controls using standard audit and assessment methodology (e.g. inquiry, inspection, observation);
Addressing security risk utilizing standard and consistent methodology;
-Evaluating security requirements in multiple contexts, such as audit, vulnerability scanning, contract review, industry standards, and organizational policy and standards review;
Leading, developing and strengthening relationships with stakeholders to promote and raise awareness of the security program, its role, and objectives;
Communicate and Influencing IT leadership, staff, and other stakeholders to implement security recommendations;
Performing all tasks thoroughly with attention to detail;
Demonstrating productivity, initiative, professionalism, attention to detail and quality, ability to multitask, team focus, strong interpersonal skills, strong verbal and written communication skills.
All qualified applicants will receive consideration for employment at PwC without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran, marital, or citizenship status; or any other status protected by law.