PwC NIS - Information Security Compliance/Audit Senior Manager in Raleigh, North Carolina
Specialty/Competency: IFS - Information Technology (IT)
Industry/Sector: Not Applicable
Time Type: Full time
Travel Requirements: Up to 20%
A career in Information Security, within Internal Firm Services, will provide you with the opportunity to develop and support our internal security technologies and services across the entire global and local PwC network. You’ll focus on being the forefront of designing, developing, and implementing information technology including hardware, software, and networks that enhances security of internal information and protect our firms intellectual assets.
To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.
As a Senior Manager, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:
Encourage everyone to have a voice and invite opinion from all, including quieter members of the team.
Deal effectively with ambiguous and unstructured problems and situations.
Initiate open and candid coaching conversations at all levels.
Move easily between big picture thinking and managing relevant detail.
Anticipate stakeholder needs, and develop and discuss potential solutions, even before the stakeholder realises they are required.
Contribute technical knowledge in area of specialism.
Contribute to an environment where people and technology thrive together to accomplish more than they could apart.
Navigate the complexities of cross-border and/or diverse teams and engagements.
Initiate and lead open conversations with teams, clients and stakeholders to build trust.
Uphold the firm's code of ethics and business conduct.
Job Requirements and Preferences :
Basic Qualifications :
Minimum Degree Required :
High School Diploma
Minimum Years of Experience :
6 year(s) in progressive professional roles involving Project Management, Risk Management, Information Security, or IT Controls Auditing.
Certification(s) Required :
CPA, CISA, CAP, or CRISC
CISSP, CSSLP, or CCSP
Preferred Qualifications :
Degree Preferred :
Preferred Knowledge/Skills :
Demonstrates intimate knowledge of Application development, infrastructure, and Waterfall and Agile project management; Security domains such as Security and Risk Management, Asset Security, Security Architecture and Engineering, Communication and Network Security, Identity and Access Management (IAM), Security Assessment and Testing, Security Operations, and Software Development Security; and Security, IT, and risk management frameworks, standards, and guidelines (e.g., NIST, COBIT, ISO 2700x, CMMC).
Demonstrates abilities and a proven record of success:
Taking full ownership of the execution of security-related activities for projects from inception to closure;
Assessing new global products and services and at defined SDLC toll gates using auditing techniques, available data/reporting, and security assessment tools to facilitate Security by Design;
Assessing existing global products and services to identify gaps using predefined security controls; best practices, and industry standards;
Auditing controls around information security, compliance, and operational processes including current and emerging technologies (e.g., cloud-computing, OneAD, web development tools, Internet of Things (IoT), management consoles, network security, PAM, and *nix-based systems;
Designing operational readiness review checklists, examination artifacts, and templates such as control testing work programs and security configuration reviews;
Reviewing mandatory configuration settings and verifying implementation in accordance with current industry standards;
Coordinating with business partners to recommend and present relevant and plausible risk mitigation activities;
Setting and continually managing project expectations with team members and other stakeholders;
Identifying gaps in process and standards that can be bridged to streamline the review and assessment process;
Managing and coaching staff; and,
Navigating a matrixed organization.
Demonstrates leadership and management qualities in the following areas:
Leading cross-functional internal and external teams and multiple long-term complex projects simultaneously;
Creating a positive and motivating environment;
Monitoring workloads of the team while meeting client expectations;
Respecting the work-life quality of team members;
Providing candid, meaningful feedback in a timely manner; and,
Keeping leadership informed of progress.
At PwC, our work model includes three ways of working: virtual, in-person, and flex (a hybrid of in-person and virtual). Visit the following link to learn more: https://pwc.to/ways-we-work.
PwC does not intend to hire experienced or entry level job seekers who will need, now or in the future, PwC sponsorship through the H-1B lottery, except as set forth within the following policy: https://pwc.to/H-1B-Lottery-Policy.
All qualified applicants will receive consideration for employment at PwC without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran, marital, or citizenship status; or any other status protected by law. PwC is proud to be an affirmative action and equal opportunity employer.
For positions based in San Francisco, consideration of qualified candidates with arrest and conviction records will be in a manner consistent with the San Francisco Fair Chance Ordinance.
For positions in Colorado, visit the following link for information related to Colorado's Equal Pay for Equal Work Act: https://pwc.to/coloradoifsseniormanager.