Line of Service

Internal Firm Services

Industry/Sector

Not Applicable

Specialism

Operations

Management Level

Associate

Job Description & Summary

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.

Those in information security at PwC will focus on protecting sensitive data and systems from cyber threats through risk assessments, security audits, and implementing robust security measures. Your work will help enable the confidentiality, integrity, and availability of information assets for clients.

Why PWC

At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us.

At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations

Job Description & Summary:

We are looking for a detail-oriented and proactive Associate to join our Information Security team. This role is responsible for responding to client information security questionnaires, reviewing security clauses in contracts, and participating in client and stakeholder meetings. The ideal candidate will have strong communication skills, a basic understanding of information security principles, and the ability to collaborate across functions to support client-facing engagements. 

Responsibilities:

Review and respond to client information security questionnaires in coordination with internal SMEs.Interpret and analyze security clauses in client contracts; flag deviations and coordinate with stakeholders as needed.Participate in client and internal stakeholder meetings to clarify requirements and provide appropriate responses.Track progress and maintain documentation of assigned client requests in the internal ticketing system.Ensure timely completion of deliverables while maintaining a high standard of quality and accuracy.Collaborate with cross-functional teams to gather necessary information.Support internal process improvements and automation initiatives related to client engagement.

Mandatory skill sets:

Strong customer-facing verbal and written communication skills.Familiarity with Information Security, Governance, Risk and Compliance (GRC), third-party security risk management.Ability to understand and interpret information security concepts, cloud security, compliance frameworks like ISO Series.

Preferred skill sets:

Experience in responding to RFPs, Security Assessments, or due diligence questionnaires.Understanding of privacy regulations like GDPR, HIPAA is a plus.Proficiency with collaboration tools such as MS Suite, ServiceNow, or similar platforms.Certifications like CISSP, CISA, Security+, ISO 27001 are an added advantage.

Years of experience required:
1-3 years of relevant experience in client-facing roles, ideally within information security, compliance, or third-party risk.

Education qualification:
Bachelor's degree in Information Technology, Cybersecurity, Business Administration, or a related field.

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required: Bachelor of Engineering

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

C Sharp (Programming Language), Structured Query Language (SQL)

Optional Skills

Accepting Feedback, Accepting Feedback, Active Listening, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Governance, Data Architecture, Data Archiving, Data Flow Mapping, Data Privacy Act, Emotional Regulation, Empathy, Enterprise Content Management, Incident Response Plan, Inclusion, Information Rights Management (IRM), Information Security, Information Security Governance, Information Security Management System (ISMS), Intellectual Curiosity, IT Infrastructure, Operating Model, Optimism, Privacy and Security {+ 6 more}

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Available for Work Visa Sponsorship?

Government Clearance Required?

Job Posting End Date