Technology Risk and Controls Analyst - Associate

Job Category:
Job Type:
Level of IT Experience:
5-10 Years
Salary Description:
Competitive salary offered
Job Ref:

Who Are We?

Our Operate business helps organisations transform and run complex operational processes that often create challenges and hinder their progress. Harnessing the power of tech and data to drive performance, Operate brings together innovative minds with a distinctive mix of subject matter knowledge and operational skills to deliver results that make the difference. We work with some of the most recognisable organisations worldwide in delivering large scale operational programmes and managed solutions. Underpinning all of this is our commitment to ensuring our people are equipped with tomorrow's skills to drive success for our clients today.

About the role

We are looking for self-motivated and experienced information security individuals or technology professionals with an interest in conducting third party risk management activities such as; supplier security assessments/reviews, contractual term analysis and negotiation, and ongoing monitoring of supplier adherence to security commitments.

Key responsibilities

· Perform risk assessment on suppliers and identify risk domains.

· Conduct remote/onsite security assessments.

· Review policy and procedures relating to information security and data privacy.

· Ensure that potential issues are raised promptly and discussed with management to identify options to mitigate risk.

· Identify, document and communicate control gaps/deficiencies to internal and external stakeholders

· Demonstrate client management skills throughout the assessment process.

· Identify process efficiencies/enhancements to keep assessment programs in line with industry best practices.

· Perform other duties as assigned.

· Manage a large and diverse portfolio of Vendors for the firm;

· Negotiate remediation plan with suppliers

· Maintain open communication channels with senior stakeholders through regular governance sessions, escalating appropriately as and when required.

· Own the quality of all client outputs and ensure all client and internal document repositories are accurate and up to date

Essential Criteria

· Previous experience in auditing / assurance or compliance function

· Experience in IT controls testing

· Knowledge of Sox (Sarbanes-Oxley Act)

· Understanding of Information Technology

· Good understanding of risk, control and compliance testing methodology

· Experience working in a regulated environment

· Cyber Security related certifications including ISO27001 Lead Auditor, CISA, CISM, COBIT, CISSP, CIPM

· Degree in Information Technology or related subject or equivalent experience

· Strong understanding of information security controls & ISMS standards such as ISO 27001/2, COBIT and NIST

· Experience with SOC2 compliance standards

Not the role for you?
Did you know PwC offer flexible contract arrangements as well as contingent work (ie temporary or day rate contracting)?

The skills we look for in future employees
All our people need to demonstrate the skills and behaviours that support us in delivering our business strategy. This is important to the work we do for our business, and our clients. These skills and behaviours make up our global leadership framework, 'The PwC Professional' and are made up of five core attributes; whole leadership, technical capabilities, business acumen, global acumen and relationships. Learn more here:

The Deal
We want all of our people to feel empowered to be the best that they can be, which is why we have 'The Deal'.

Find out more about our firmwide Employee Value Proposition:

Valuing Difference. Driving Inclusion.

We work in a changing world which offers great opportunities for people with diverse backgrounds and experiences. We seek to attract and employ the best people from the widest talent pool because creating value through diversity is what makes us strong as a business, enabling us to solve important problems and deliver value to our clients. We encourage an inclusive culture where people can be themselves, are valued for their strengths and are empowered to be the best they can be. As an organisation with an increasingly agile workforce, we also support different ways of working offering flexible working arrangements. Learn more here about our work to support an inclusive culture.

Contact Details:
Contact: Contact

You may return to your current search results by clicking here.

Latest Job Listings