Line of Service

Advisory

Industry/Sector

FS X-Sector

Specialism

Risk

Management Level

Associate

Job Description & Summary

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.

As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively.

*Why PWC

At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us.

At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. "

Job Description:

We are seeking a highly skilled and experienced Data SOC Functional Consultant to join our Risk Consulting team. As a Data SOC Functional Consultant, you will be responsible for policy advisory, process governance, third-party risk management, and data flow assessments for clients. You will work as Consultants for Policies / Processes / TPRM / DFA kind of customer interaction items. You will work on various types of technologies but not limited to DLP, DAM, CASB, Data Discovery, Data Classification, Encryption, DSPM, Zero Trust solutions, PETs, and more. The ideal candidate should possess strong project management skills, technical expertise in cybersecurity, and a comprehensive understanding of best practices in the field.

Responsibilities:

Policy Advisory:

Draft and review data security policies; ensure alignment with regulatory frameworks (DPDPA, GDPR, HIPAA, PCI, SOX).

Process Governance:

Define and maintain DSOC processes; ensure ITIL and ISO 27035 compliance.

Third Party Risk Management (TPRM):

Conduct third-party risk assessments; validate vendor compliance with security standards.

Data Flow Assessment:

Perform DFA for critical applications, document lineage and classification.

Client Interaction:

Engage with customers for governance workshops, audits, and compliance reviews.

Reporting & Dashboards:

Weekly: Policy compliance scorecards and TPRM status.

Monthly: DFA reports and governance metrics.

Quarterly: Audit readiness and regulatory alignment updates.

Incident Management & Response:

Support incident reviews by validating policy adherence and process gaps; assist in remediation planning.

Project & Stakeholder Management:

Lead governance and compliance projects; coordinate with DSOC Head, Legal, and client teams for successful delivery.

Additional Responsibilities:

Research & Thought Leadership:

Stay updated on regulatory changes and best practices; publish internal compliance guidelines; contribute to policy improvement initiatives.

Travel Requirements

· Travel to Client locations locally, in addition to travelling domestically and/or internationally for assignments as required.

Available for Work Visa Sponsorship?

Government Clearance Required?

Certifications:

· Professional certifications such as ISO/IEC 27001 Lead Implementer or Auditor; NIST CSF Practitioner; DPDPA (India) practitioner/lead implementer course; Privacy: IAPP CIPP/E or CIPM

Mandatory skill sets:

· Technical: DLP, Data Discovery, UEBA, PETs, DAM, CASB, FIM, Encryption/Masking, SIEM/SOAR.

· Leadership: Team building, executive communication.

· Regulatory: DPDPA, GDPR, HIPAA, PCI, SOX.

· Excellent communication and presentation skills with the ability to effectively convey complex technical concepts to non-technical stakeholders.

· Strong analytical and problem-solving skills.

· Ability to work independently and collaboratively in a team environment.

· Attention to detail and commitment to delivering high-quality work.

Preferred skill sets:

Certified SOC Analyst (EC-Council), Computer Hacking Forensic Investigator (EC-Council), Certified Ethical Hacker (EC-Council), CompTIA Security+, CompTIA CySA+ (Cybersecurity Analyst), GIAC Certified Incident Handler (GCIH) or equivalent. Product Certifications (Preferred): - Product Certifications on SOC Security Tools such as SIEM/Vulnerability Management/ DAM/UBA/ SOAR/NBA etc.

Years of experience required:

Proven experience (4-7 years) in a similar role, preferably in a consulting environment.

· Strong project management skills with the ability to lead and manage multiple projects simultaneously.

· Experience with DLP, CASB, DAM, Encryption, DSPM, Zero Trust Implementation, Monitoring & Assessment along with data discovery and data classification

· In-depth knowledge of cybersecurity frameworks, standards, and best practices (e.g., ISO 27001, NIST CSF, DPDP Act).

Education qualification:

Bachelor's or Master's degree in Cybersecurity, Information Technology, or a related field.

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required: Bachelor of Engineering, Bachelor of Technology

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

SoCs

Optional Skills

Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture, Security Compliance Management, Security Control, Security Incident Management, Security Monitoring {+ 3 more}

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Not Specified

Available for Work Visa Sponsorship?

No

Government Clearance Required?

No

Job Posting End Date