29 days old

Senior Manager, Information Risk Management (Team Lead)

Tampa, FL 33602
Apply Now
Apply on the Company Site
PwC/LOS Overview
PwC is a network of firms committed to delivering quality in assurance, tax and advisory services.

We help resolve complex issues for our clients and identify opportunities. Learn more about us at www.pwc.com/us.

At PwC, we develop leaders at all levels. The distinctive leadership framework we call the PwC Professional (http://pwc.to/pwcpro) provides our people with a road map to grow their skills and build their careers. Our approach to ongoing development shapes employees into leaders, no matter the role or job title.

Are you ready to build a career in a rapidly changing world? Developing as a PwC Professional means that you will be ready
- to create and capture opportunities to advance your career and fulfill your potential. To learn more, visit us at www.pwc.com/careers.

It takes talented people to support the US firm of the largest professional services organization in the world. Not all of us work directly with external clients. Some of our best people choose to apply their talents inside PwC.

As part of Internal Firm Services, you're serving an organization on par with many of our external clients. Our Internal Firm Services team consists of first-rate marketers, human resource professionals, computer technologists, knowledge managers, accountants, financial planners, administrators and leaders. Internal Firm Services staff are the people who make it work for the people who make it work for our clients.

Job Description
Network Information Security organization is tasked with designing, implementing and maintaining information security capabilities and services for the PwC Network of member firms. The organization consists of highly skilled information security professionals across the globe that are focused on developing a leading security program across the Network of Firms, to foster clients' trust in our ability to secure their most sensitive data, to better position PwC to address clients' evolving needs and to harmonize the internal firm security strategy with client services go-to-market strategy. The group is leading PwC's Network Security Transformation Programme, which is a multi-year programme to enhance existing capabilities and build new capabilities to combat the ever more complex cyber threats.

Information Security Risk and compliance provides a range of services to the PwC Network of Firms that identify, quantify, and reduce risks to the security of information.

These services include IT risk assessment processes, meeting client security interactions, management of IT security controls, information risk assessments, data privacy reviews, managing compliance assessments, supply chain risk management, security policy development and IT risk due diligence. The team will interact with data privacy and legal organizations.

The team is responsible for engaging with clients, third parties, cross LoS, cross territory, and global members of the firm on IT risk management topics relevant to the Network of firms. Including identifying, understanding and socializing new risks and assessing their possible impact on the firm.

Position/Program Requirements
Minimum Year(s) of Experience: 6

Minimum Degree Required: High School Diploma or GED

Degree Preferred: Bachelor's degree

Certification(s) Preferred: CISSP, CISA or CISM

Knowledge Preferred:

Demonstrates extensive knowledge of, and/or proven record of success in, IT security management frameworks, especially ISO 27001 and 27002 (17799), and their application in the support and integration of key business and strategic priorities, preferably for a global network or professional services firms, including in the following areas:

- Developing and implementing the strategic vision for information security management within the PwC global Network of member firms and contributing to the development of new security management domain expertise on an ongoing basis;

- Understanding of IT security fundamentals across multiple domains, including (but not limited to) security management, security architecture, access control, application development, operations security, physical security, cryptography, telecommunications and networking, business continuity planning, laws, investigations, and ethics; and,

- Evaluating security requirements in multiple contexts, such as audit, vulnerability scanning, contract review, industry standards, and organizational policy and standards review.

Skills Preferred:

Demonstrates extensive ability, and/or proven record of success, in IT security management frameworks, especially ISO 27001 and 27002 (17799), and their application in the support and integration of key business and strategic priorities, preferably for a global network or professional services firms, including in the following areas:

- Managing strategic and tactical security policy and standards libraries based on those frameworks;

- Developing and managing structured risk identification, assessment, and treatment programs for large organizations;

- Managing internal assessment programs, coordinating response to internal and external assessment programs;

- Translating technical IT security concepts into business terms;

- Working comfortably with all levels of leadership;

- Communicating and promoting the use Network security policies and standards;

- Comprehending the value of Network policies and standards, as well as business requirements, and the ability to recognize potential conflicts and arrive at successful outcomes collaborative;

- Managing key ISMS components: information asset inventory, risk assessment, security policy and standards development, internal assessment, and report to management;

- Understanding existing and upcoming legislative and regulatory requirements by working closely with Network risk management and security organizations, as well as safeguarding that they are incorporated in the ISMS;

- Addressing risk utilizing standardized and consistent methodology;

- Assisting in responding to client inquiries regarding PwC security posture, including requests to audit, site visits, and independent audits; and,

- Communicating, tracking and reporting audit and assessment findings and corrective action plans.

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Senior Manager, Information Risk Management (Team Lead)

Tampa, FL 33602

Share this job

Senior Manager, Information Risk Management (Team Lead)

Tampa, FL

Separate email addresses with commas

Enter valid email address for sender.

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast