Line of Service Internal Firm Services Industry/Sector Technology Specialism IFS - Information Technology (IT) Management Level Associate Job Description & Summary About the role PwC’s global cybersecurity strategy revolves around 4 key points: to identify, control, and reduce the attack surface across the member firm network, and increase our adversaries’ cost of attack. Our mission protects 370,000 PwC members across 149 member firms worldwide, as well as our global clients. Within PwC’s Global Network Information Security (NIS) team, the UK NIS Governance, Risk & Compliance (GRC) team acts as a trusted risk advisor to the UK business. By providing guidance on cybersecurity-related risks and ensuring alignment with PwC’s global cybersecurity strategy, we help our UK stakeholders implement effective security measures to mitigate risks and protect the firm's interests. We are looking for a new team member to join as an Information Security Risk Advisor – Associate to begin or build on their information/cyber security career. What your days will look like: The focus of the role is on risk management activities, which help to identify and reduce risks associated with technology used within the UK firm. You’ll report into the Risk Management Manager and benefit from the support of the wider team. Organise and manage activities, prioritising requests based on criticality and risk posed to the organisation Liaise with key stakeholders to gather information on relevant technologies Support the Risk Management Manager with conducting risk assessments to identify areas of risk and non-compliance to management and senior stakeholders Evaluate impact of risk on the organisation e.g. if a risk was exploited, what would be the financial or reputational impact Support remediation of risk, manage and track identified risks until closure Point of contact for business teams for information security-related questions Deliver ad hoc, daily, weekly, monthly, and quarterly reports as required by leadership and stakeholders Take ownership for delivery of assigned tasks; monitor and maintain personal Key Performance Indicators (KPIs), ensure targets and deadlines are met Support key strategic projects, communications, process improvements, knowledge sharing, and social activities. This role is for you if: A strong interest in building a career in information / cyber security; A formal qualification in Information Security; Experience in a relevant information security or IT role is highly desirable but not essential; An eye for detail and the ability to question the accuracy of information; Inquisitive nature and intuition regarding what questions to ask, when, and their relative significance - a desire and enjoyment to learn; Ability to manage varied workload, prioritise and recognise when to escalate to senior team members; Customer service-oriented, enjoys problem-solving, and works well with business teams; Capable of writing succinctly and presenting for positive outcomes; Basic to intermediate data manipulation and visualisation skills eg: PowerBI, Alteryx; Excel; Interest in PwC's business model, services, and threat landscape; and hands-on experience with Microsoft M365 is desirable but not essential. What you'll receive from us: No matter where you may be in your career or personal life, our benefits are designed to add value and support, recognising and rewarding you fairly for your contributions. We offer a range of benefits including empowered flexibility and a working week split between office, home and client site; private medical cover and 24/7 access to a qualified virtual GP; six volunteering days a year and much more. Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Governance, Data Architecture, Data Archiving, Data Flow Mapping, Data Privacy Act, Emotional Regulation, Empathy, Enterprise Content Management, Incident Response Plan, Inclusion, Information Rights Management (IRM), Information Security, Information Security Governance, Information Security Management System (ISMS), Intellectual Curiosity, IT Infrastructure, Operating Model, Optimism, Privacy and Security { 6 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date