About The Role
Within PwC’s Global Network Information Security (NIS) team, the UK NIS Governance, Risk & Compliance (GRC) team acts as a trusted risk advisor to the UK business.
As an Audit & Policy Senior Associate, you will support the Audit & Policy Manager with the running of the UK’s Information Security Management System (ISMS), oversee the UK firm’s existing ISO 27001 and Cyber Essentials (CE) certifications, and support internal audit-related requirements.
What Your Days Will Look Like
1. Organise and facilitate ISO 27001 audits in the UK and British Channel Islands, from planning to completion;
2. Track and maintain key ISMS documents and assist with ISMS processes, including Risk Assessments;
3. Contribute to the maintenance of existing security certifications, such as Cyber Essentials (CE) and Cyber Essentials Plus (CE+);
4. Manage remediation of gaps and nonconformities within ISMS and Cyber Essentials;
5. Investigate discrepancies and propose remedial actions;
6. Contribute to policy creation and advise on policy-related queries.
This Role Is For You If
1. You have experience with ISO 27001, Cyber Essentials, and Cyber Essentials Plus;
2. You have experience in internal and external auditing processes;
3. You are skilled in developing and maintaining policies, procedures, and guidelines;
4. You are capable of writing succinctly and presenting for positive outcomes;
5. You have strong attention to detail and the ability to question the accuracy of information;
6. You can travel to the UK firm’s offices located in the UK, Northern Ireland, and British Channel Islands;
7. You have knowledge of risk management, including assessment and treatment methodologies (e.g., ISO 27005, IRAM2, OCTAVE).