Line of Service Internal Firm ServicesIndustry/Sector TechnologySpecialism IFS - Internal Firm Services - OtherManagement Level Senior AssociateJob Description & Summary At PwC, we focus on protecting our organisation from cyber threats through advanced technologies and strategies. The Information Security Officer (ISO) will support the implementation and maintenance of the firm’s Information Security Management System (ISMS), contributing to risk mitigation, compliance, and awareness initiatives.The Information Security Officer (ISO) supports the implementation and maintenance of the firm’s Information Security Management System (ISMS), contributing to risk mitigation, compliance, and awareness initiatives. This role is ideal for early-career professionals with a strong interest in cybersecurity, governance, and operational resilience.Key ResponsibilitiesSupport ISMS Operations: Assist in maintaining ISO 27001-aligned policies, procedures, and controlsRisk & Compliance Monitoring: Help conduct risk assessments, track remediation efforts, and support internal auditsSecurity Assessments: Contribute to the completion of the ISP Self-Assessment and other Firm Assessments, including but not limited to Technology Assessments, Cyber Security Risk Assessment, and Application Readiness Assessments.Third Party Risk Management: Conduct and coordinate third-party risk assessments (TPRA) for suppliers and partners handling sensitive data or services, and assist in the Technology Risk Framework (TRF) across global and local specific applications.Security Awareness: Contribute to the delivery of training and awareness campaigns in line with the firm’s Information Security Awareness ProgrammeIncident Response Support: Log and escalate security incidents, assist in documentation, and follow upDocumentation & Reporting: Maintain security documentation, dashboards, and metrics for internal reportingNIS Projects: Oversee the implementation of the projects to ensure alignment with NIS objectives.Collaboration: Work closely with IT, Legal, and Compliance teams to ensure alignment with firm-wide security objectivesEducation (if blank, degree and/or field of study not specified) Degrees/Field of Study required:Degrees/Field of Study preferred:Certifications (if blank, certifications not specified)Required SkillsOptional Skills Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Azure Data Factory, Communication, Creativity, Cybersecurity, Cybersecurity Governance, Data Architecture, Data Archiving, Data Flow Mapping, Data Privacy Act, Embracing Change, Emotional Regulation, Empathy, Enterprise Content Management, Incident Response Plan, Inclusion, Information Rights Management (IRM), Information Security, Information Security Governance, Information Security Management System (ISMS), Intellectual Curiosity, IT Infrastructure {+ 11 more}Desired Languages (If blank, desired languages not specified)Travel RequirementsAvailable for Work Visa Sponsorship?Government Clearance Required?Job Posting End Date
