The role
look like?
As an Information Security Risk Advisor, your role is to work on risk management activities to help identify and reduce the risks associated with technology used within the UK firm.
1. Collaborate with key stakeholders to gather information on existing and emerging technologies, such as GenAI, and provide updates on progress and deliverables to your line manager and leadership.
2. Identify and assess areas of risk and non-compliance, evaluating their impact and likelihood on the organisation (e.g. if a risk was exploited, what would be the financial or reputational impact).
3. Organise and prioritise activities based on criticality and risk to the organisation, ensuring effective risk management.
4. Act as a point of contact for business teams, addressing their information security concerns and providing guidance.
5. Negotiate the remediation of identified risks within the UK firm.
6. Create risk reports for management and senior stakeholders to facilitate decision-making.
7. Support risk remediation activities; manage and track identified risks until closure.
8. Take ownership of project tasks, ensuring their successful delivery.
9. Monitor personal Key Performance Indicators (KPIs) and meet deadlines consistently.
10. Actively participate in team activities, contributing to strategic projects, communications, process improvement, knowledge sharing, and fostering a positive work environment.
What do you need for this role?
11. Previous proven experience in a similar information security or IT security role is essential.
12. Must possess a formal certification / qualification in Information Security (CISM, CRISC, CompTIA Security+) or an international equivalent.
13. Thrive on helping people with problem solving, stakeholder management/customer service outlook - working with business teams to achieve positive outcomes.
14. Inquisitive nature and intuition regarding what questions to ask, when, and their relative significance.
15. Engaging communication skills to assist, inform, and build relationships with stakeholders in both the business and support teams, to enable effective information security activities and processes aligned to the firm’s security strategy.
16. Data manipulation and visualisation skills highly desirable (PowerBI, Alteryx, Excel).
17. Time management skills, balancing working efficiently on your own and contributing as part of a wider team - prioritising and recognising when to escalate to management
18. An interest in PwC’s business model, service offerings, and business operating environment as it pertains to the firm’s threat landscape.