PwC NIS - Information Security Compliance/Audit Senior Associate in Rochester, New York
Specialty/Competency: IFS - Information Technology (IT)
Industry/Sector: Not Applicable
Time Type: Full time
Travel Requirements: Up to 20%
A career in Information Security, within Internal Firm Services, will provide you with the opportunity to develop and support our internal security technologies and services across the entire global and local PwC network. You’ll focus on being the forefront of designing, developing, and implementing information technology including hardware, software, and networks that enhances security of internal information and protect our firms intellectual assets.
To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.
As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:
Use feedback and reflection to develop self awareness, personal strengths and address development areas.
Delegate to others to provide stretch opportunities, coaching them to deliver results.
Demonstrate critical thinking and the ability to bring order to unstructured problems.
Use a broad range of tools and techniques to extract insights from current industry or sector trends.
Review your work and that of others for quality, accuracy and relevance.
Know how and when to use tools available for a given situation and can explain the reasons for this choice.
Seek and embrace opportunities which give exposure to different situations, environments and perspectives.
Use straightforward communication, in a structured way, when influencing and connecting with others.
Able to read situations and modify behavior to build quality relationships.
Uphold the firm's code of ethics and business conduct.
Job Requirements and Preferences :
Basic Qualifications :
Minimum Degree Required :
High School Diploma
Minimum Years of Experience :
2 year(s) of progressive professional roles involving IT Controls Auditing, Risk Management, Information Security, and/or Project Management
Preferred Qualifications :
Degree Preferred :
Certification(s) Preferred :
CISA, CRISC, CISSP, CSSLP, CCSP, PMP, or PRINCE2
Preferred Knowledge/Skills :
Demonstrates thorough level of knowledge of Security domains such as Security and Risk Management, Asset Security, Security Architecture and Engineering, Communication and Network Security, Identity and Access Management (IAM), Security Assessment and Testing, Security Operations, and Software Development Security; and Security, IT, and risk management frameworks, standards, and guidelines (e.g., NIST, COBIT, ISO 2700x).
Demonstrates thorough abilities and a proven record of success:
Auditing controls around information security, compliance, and operational processes including current and emerging technologies (e.g., cloud-computing, OneAD, web development tools, Internet of Things (IoT), management consoles, network security, PAM, and *nix-based systems;
Assessing new global products and services and at defined SDLC toll gates using auditing techniques, available data/reporting, and security assessment tools to facilitate Security by Design;
Assessing existing global products and services to identify gaps using predefined security controls; best practices, and industry standards; and,
Reviewing mandatory configuration settings and verifying implementation in accordance with current industry standards.
Demonstrates thorough leadership and management qualities in the following areas:
Creating a positive and motivating environment;
Respecting the work-life quality of team members;
Providing candid, meaningful feedback in a timely manner; and,
Keeping leadership informed of progress.
At PwC, our work model includes three ways of working: virtual, in-person, and flex (a hybrid of in-person and virtual). Visit the following link to learn more: https://pwc.to/ways-we-work.
PwC does not intend to hire experienced or entry level job seekers who will need, now or in the future, PwC sponsorship through the H-1B lottery, except as set forth within the following policy: https://pwc.to/H-1B-Lottery-Policy.
All qualified applicants will receive consideration for employment at PwC without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran, marital, or citizenship status; or any other status protected by law. PwC is proud to be an affirmative action and equal opportunity employer.
For positions based in San Francisco, consideration of qualified candidates with arrest and conviction records will be in a manner consistent with the San Francisco Fair Chance Ordinance.
For positions in Colorado, visit the following link for information related to Colorado's Equal Pay for Equal Work Act: https://pwc.to/coloradoifsseniorassociate.