PwC Advisory Cyber Privacy Senior Associate in Boston, Massachusetts

PwC/LOS Overview

PwC is a network of firms committed to delivering quality in assurance, tax and advisory services.

We help resolve complex issues for our clients and identify opportunities. Learn more about us at

At PwC, we develop leaders at all levels. The distinctive leadership framework we call the PwC Professional ( provides our people with a road map to grow their skills and build their careers. Our approach to ongoing development shapes employees into leaders, no matter the role or job title.

Are you ready to build a career in a rapidly changing world? Developing as a PwC Professional means that you will be ready

  • to create and capture opportunities to advance your career and fulfill your potential. To learn more, visit us at

PwC Advisory helps our clients with their most challenging imperatives from strategy through execution. We combine the breadth of knowledge of over 48,000 global professionals with deep industry knowledge to deliver custom solutions for our clients. We work with the world's largest and most complex companies and understand the unique business issues and opportunities our clients face.

Job Description

As we aim to rapidly grow our Cybersecurity and Privacy practice, we are looking for consultants who are passionate about how strategy and technology can improve the role of cybersecurity, privacy and data protection in our digital world.

We are looking for consultants with extensive consulting, technological and industry experience who will help our clients solve their complex business issues from strategy through execution. A Cybersecurity and Privacy consulting career will provide the opportunity to grow and contribute to our clients' business issues every day, applying a collection of information and Cyber security capabilities, including security and privacy strategy and governance, IT risk, security testing, technology implementation/operations, and cybercrime and breach response.

Our Privacy & Consumer Protection services enable clients to discover and map data life cycles to create business value, as well as design a program that can jump-start success and build trust among consumers. We focus on helping clients maintain compliance of cross-border data transfers with global privacy laws and earn stakeholder trust in their use of personal data—while identifying opportunities to better optimize compliance, risk, and value creation.

Privacy Compliance and Data Protection works with the areas of Privacy and/or Security Program Development and Strategy, Information and Operational Risk Management and Compliance, Data Use and Protection and Legal and Financial Services operational risk.

At PwC, our team members have subject matter expertise with US federal, state, and/or international privacy laws including but not limited to GLBA Reg P, TCPA, the EU General Data Protection Regulation, the APEC CBPR and other industry specific regulations such as NAIC.

Our team assists clients in the development of corporate privacy programs, including policies, procedures and training, supporting technology deployments, planning for and attaining BCRs, conducting large and small scale privacy risk assessments, development of Third Party Risk Management programs, and incorporating privacy by design principles into product development.

Position/Program Requirements

Minimum Year(s) of Experience: 3

Minimum Degree Required: Bachelor's degree

Certification(s) Preferred: Obtained or demonstrates an active pursuit of one or more of the following certifications: Certified Information Privacy Professional (CIPP/US), CIPP certification in European privacy (CIPP/E), Canadian privacy (CIPP/C), Technology (CIPT), FIP or other certifications.

Knowledge Preferred:

Demonstrates thorough knowledge and/or a proven record of success with developing and implementing privacy and risk strategies/solutions for a global network of professional services firms, including the following areas:

  • Providing and leveraging technical and operational privacy and/or standard industry practices to assist clients with assessing their posture and improving their programs in the following areas—privacy, advanced analytics, and emerging technologies, such as Cloud, Internet of Things (IoT), et al.;

  • Understanding and applying technical and operational standard industry practices involving privacy regulations/standards to build programs and/or manage internal controls, risk assessments, business processes, or operational auditing

GDPR, HIPAA / HITECH, EU GDPR and Privacy Shield, COPPA, State Breach Disclosure Laws, CANSPAM, GLBA, et al.; and,

  • Understanding the common privacy-related issues clients face in several industry sectors, including Financial Services, Healthcare, Manufacturing, Retail, Media, Entertainment, and Energy.

Demonstrates thorough knowledge and/or a proven record of success in a professional services firm or enterprise emphasizing consulting and implementation of data privacy-related projects in the following areas:

  • Enhancement of data privacy programs;

  • Privacy impact and gap assessments;

  • Data inventories;

  • Binding Corporate Rules;

  • Creation of incident response plans;

  • Review of third-party data exchange/international agreements;

  • Cross-border data transfer issues, including Safe Harbor certification;

  • Investigations and investigatory responses to data privacy and security incidents with regulatory agencies; and,

  • Project work pertaining to compliance and reputational risk mitigation, emphasizing U.S. and international Privacy, Data Protection and Information laws and understanding the privacy risks impacting a particular industry.

Skills Preferred:

Demonstrates thorough abilities and/or a proven record of success leveraging creative thinking, problem-solving, and individual initiative concurrently with MS Office (Word, Excel, Access, PowerPoint) to accomplish the following results:

  • Communicate in an organized and knowledgeable manner in written and verbal formats, e.g. delivering clear requests for information and communicating potential conflicts;

  • Demonstrate aptitude for conducting quantitative and qualitative analyses of large and complex data;

  • Create high-quality deliverables using appropriate business and technical language;

Demonstrates thorough abilities and/or a proven record of success developing and implementing privacy and risk solutions for a global network of professional services firms, including the following areas:

  • Collaborating with clients; identifying and addressing client needs through building solid relationships, understanding the client's business, and delivering clear requests for information;

  • Utilizing available technical resources and tools to research and expand one's sphere of knowledge; and,

  • Enhancing work product and remaining current with client and firm hot topics, sharing the research and results to the team, where applicable.

All qualified applicants will receive consideration for employment at PwC without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran, marital, or citizenship status; or any other status protected by law.