PwC NIS - Application Security Testing/Mitigation Manager in Birmingham, Alabama
Specialty/Competency: IFS - Information Technology (IT)
Industry/Sector: Not Applicable
Time Type: Full time
Government Clearance Required: No
Available for Work Sponsorship: No
Travel Requirements: Up to 20%
A career in Information Security, within Internal Firm Services, will provide you with the opportunity to develop and support our internal security technologies and services across the entire global and local PwC network. You’ll focus on being the forefront of designing, developing, and implementing information technology including hardware, software, and networks that enhances security of internal information and protect our firms intellectual assets.
To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.
As a Manager, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:
Develop new skills outside of comfort zone.
Act to resolve issues which prevent the team working effectively.
Coach others, recognise their strengths, and encourage them to take ownership of their personal development.
Analyse complex ideas or proposals and build a range of meaningful recommendations.
Use multiple sources of information including broader stakeholder views to develop solutions and recommendations.
Address sub-standard work or work that does not meet firm's/client's expectations.
Use data and insights to inform conclusions and support decision-making.
Develop a point of view on key global trends, and how they impact clients.
Manage a variety of viewpoints to build consensus and create positive outcomes for all parties.
Simplify complex messages, highlighting and summarising key points.
Uphold the firm's code of ethics and business conduct.
Job Requirements and Preferences :
Basic Qualifications :
Minimum Degree Required :
High School Diploma
Minimum Years of Experience :
Preferred Qualifications :
Degree Preferred :
Certification(s) Preferred :
CISSP, CCSP, CISM, CISA
Preferred Knowledge/Skills :
Demonstrates extensive knowledge and/or a proven record of success in the following areas:
Understanding of Application security solutions and Web hosting architecture and principles;
Having Software development experience with web & mobile applications and development languages;
Using commercial Source Code Analysis/Static Application Security Testing Tools;
Understanding of application source code vulnerability mitigation processes;
Having knowledge of and using risk assessment/acceptance factors that can affect business and security decisions;
Using business processes and drivers that can affect system design;
Analyzing application security vulnerabilities and executing mitigation strategies;
Reviewing processes using application threat vulnerability tools, scanning techniques and/or code review results;
Using assessments of vulnerabilities, sources of threats, and current security guidance to determine the effectiveness of mitigation plans;
Collaborating with teams to identify opportunities and provide recommendations on how application security can be built into project development;
Interacting with project management team members and key stakeholders on application projects;
Reviewing application threat vulnerability assessments on application development projects;
Implementing strategy for application threat vulnerability review and remediation;
Identifying and documenting complex business cases to assist in gaining internal support to implement security solutions;
Managing a team of three or more resources;
Managing and coaching staff as they perform reviews of application source code mitigation or remediation proposals;
Collaborating with team members and stakeholders virtually;
Evidencing communication skills, both written and verbal;
Implementing Customer service experience and skills that drive positive customer experience;
Leveraging multitasking and time management skills; and,
Possessing both analytical skills and attention to detail.
All qualified applicants will receive consideration for employment at PwC without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran, marital, or citizenship status; or any other status protected by law. PwC is proud to be an affirmative action and equal opportunity employer.
For positions based in San Francisco, consideration of qualified candidates with arrest and conviction records will be in a manner consistent with the San Francisco Fair Chance Ordinance.
For positions in Colorado, visit the following link for information related to Colorado's Equal Pay for Equal Work Act: https://pwc.to/coloradoifsmanager .