PwC Governance, Privacy & Ethics - Data Protection Manager in Rochester, New York
Specialty/Competency: IFS - Internal Firm Services - Other
Industry/Sector: Not Applicable
Time Type: Full time
Travel Requirements: Up to 20%
A career in Products and Technology is an opportunity to bring PwC's strategy to life by driving products and technology into everything we deliver. Our clients expect us to bring the right people and the right technology to solve their biggest problems; Products and Technology is here to help PwC meet that challenge and accelerate the growth of our business. We have skilled technologists, data scientists, product managers and business strategists who are using technology to accelerate change.
Our team collaborates with product strategy and product managers to govern readiness standards in achieving principles (compliance, privacy, security) by design for what PwC’s technology assets require to be successful in the market. They provide guidance for product development across the lifecycle (ideation / strategy through commercialization / monetization). Additionally, they facilitate market readiness for technology assets overall, as changes occur to assets or market conditions throughout the asset’s life cycle.
To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be an authentic and inclusive leader, at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.
As a Manager, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:
Pursue opportunities to develop existing and new skills outside of comfort zone.
Act to resolve issues which prevent effective team working, even during times of change and uncertainty.
Coach others and encourage them to take ownership of their development.
Analyse complex ideas or proposals and build a range of meaningful recommendations.
Use multiple sources of information including broader stakeholder views to develop solutions and recommendations.
Address sub-standard work or work that does not meet firm's/client's expectations.
Develop a perspective on key global trends, including globalisation, and how they impact the firm and our clients.
Manage a variety of viewpoints to build consensus and create positive outcomes for all parties.
Focus on building trusted relationships.
Uphold the firm's code of ethics and business conduct.
A career in Governance, Privacy, & Ethics will provide you with the opportunity to solve PwC’s most critical data protection-related challenges. You will be part of a growing team driving strategic data protection and compliance program, data analytics, and technical implementation activities to protect our business in today’s evolving regulatory landscape. Our team establishes privacy and ethics considerations from the outset of the development of our products and technology.
Job Requirements and Preferences :
Basic Qualifications :
Minimum Degree Required :
High School Diploma
Minimum Years of Experience :
Preferred Qualifications :
Degree Preferred :
Preferred Fields of Study :
Information Technology, Information CyberSecurity, Computer Engineering, Computer and Information Science, Management Information Systems
Certification(s) Preferred :
(CISSP) (CISM) (CRISC) (CISM)
Preferred Knowledge/Skills :
Demonstrates extensive abilities and/or a proven record of success of developing and implementing data protection and compliance strategies to assist organization with the following capabilities:
Understanding and applying technical and operational industry leading practices to evaluate and improve data protection posture;
Understanding of common security and privacy industry standards and regulations (e.g., GDPR, CCPA, HIPAA / HITECH, COPPA, U.S. State Breach Disclosure Laws, GLBA,) and industry frameworks (e.g., ISO 27000 Series, SSAE-18 SOC 1/ SOC 2, NIST-P, FedRAMP, PCI-DSS), especially as it relates to building and operating a data protection and compliance program and/or managing internal security controls, risk assessments, business processes or operational auditing;
Understanding of common data protection operational documents including policies, procedures, standards and guidelines;
Possessing knowledge of technical concepts relevant to cloud computing environments such as access control, secure coding principles, network security, security architecture, vulnerability management; and,
Possessing knowledge of data protection technologies and other emerging technologies, such as data encryption, data de-identification, cloud, Internet of Things (IoT), is advantageous.
Demonstrates extensive abilities and/or a proven record of success of consulting, implementing, or supporting projects in the following types of data protection and compliance related areas:
Identifying, prioritizing and protecting sensitive or high value business assets;
Collaborating with product teams (e.g., engineering, security, operations) to define compliance needs and roadmaps in a multi-product environment;
Managing privacy and security governance policy framework including;
Developing policies, standards, procedures, guidelines;
Developing strategies for policy harmonization;
Supporting a continuous improvement culture through establishing, monitoring, and reporting on policy governance metric targets;
Providing policy liaison support, including communication and interpretation of policy requirements;
Preparing product teams for independent third-party assessments against regulatory and compliance frameworks;
Partnering with external auditors to conduct compliance risk assessments;
Providing continuous compliance monitoring and reporting of controls and defining metrics to track compliance adherence;
Overseeing documentation, reporting and closure of compliance-related issues: and,
Conducting security risk assessments and supporting formulation of corrective action plans.
Demonstrates extensive abilities and/or a proven record of success leveraging creative thinking, problem-solving, and individual initiative concurrently with MS Office (Word, Excel, Access, PowerPoint) to accomplish the following results:
Communicating in an organized and knowledgeable manner in written and verbal formats, e.g. delivering clear requests for information and communicating potential conflicts;
Demonstrating aptitude for conducting quantitative and qualitative analyses of large and complex data;
Creating high-quality deliverables using appropriate business and technical language; and,
Collaborating with business and product teams; identifying and addressing business needs through building relationships, understanding the products and delivering clear requests for information and proposed solutions.
At PwC, our work model includes three ways of working: virtual, in-person, and flex (a hybrid of in-person and virtual). Visit the following link to learn more: https://pwc.to/ways-we-work.
PwC does not intend to hire experienced or entry level job seekers who will need, now or in the future, PwC sponsorship through the H-1B lottery, except as set forth within the following policy: https://pwc.to/H-1B-Lottery-Policy.
All qualified applicants will receive consideration for employment at PwC without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran, marital, or citizenship status; or any other status protected by law. PwC is proud to be an affirmative action and equal opportunity employer.
For positions based in San Francisco, consideration of qualified candidates with arrest and conviction records will be in a manner consistent with the San Francisco Fair Chance Ordinance.
For positions in Colorado, visit the following link for information related to Colorado's Equal Pay for Equal Work Act: https://pwc.to/coloradoifsmanager.