Cybersecurity Senior Manager - Third Party Risk Management Details

PRICE WATERHOUSE COOPERS - Charlotte, NC

Employment Type : Full-Time

A career in our Cybersecurity, Privacy and Forensics will provide you the opportunity to solve our clients most critical business and data protection related challenges. You will be part of a growing team driving strategic programs, data analytics, innovation, deals, cyber resilency, response, and technical implementation activities. You will have access to not only the top Cybersecurity, Privacy and Forensics professionals at PwC, but at our clients and industry analysts across the globe. Our Third Party Risk Management (TPRM) team focuses on helping our clients assess, design, implement, and maintain an effective third party risk program.This is inclusive of pre and post contract stages for our clients - helping them evaluate the controls required pre-contracting with a vendor, contractor, or supplier, as well as post-contract from an ongoing monitoring perspective. Our TPRM team focuses on designing programs, operationalizing those programs, change management across all risk domains of a third party program and assessments (ongoing monitoring efforts). You will work with third parties all across the globe that support the operations of our clients to ensure adequate control environments are in place and help provide our clients comfort that both reasonable and defensible controls are in place. As more companies continue to outsource and move to cloud transformation, the demand for TPRM has quickly grown. You will help our clients transform their business, build trust amongst their ecosystem, manage risk effectively, and drive accountability and control with their third party connections. Our team helps organisations develop TPRM business plans, cost-benefit analyses, target operating models, short/long-term strategies, and ultimately improve the effectiveness of their TPRM programs. In joining our team, you will work with xLoS professionals at PwC across all third party risk domains, including, but not limited to cybersecurity, privacy, human resources, legal, technology, financial, fraud, regulatory, and industry specific business risks. You will help organizations with strategy, design, operation and long-term maintenance of their TPRM programs.


To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be an authentic and inclusive leader, at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.

As a Senior Manager, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

  • Take action to ensure everyone has a voice, inviting opinion from all.
  • Establish the root causes of issues and tackle them, rather than just the symptoms.
  • Initiate open and honest coaching conversations at all levels.
  • Move easily between big picture thinking and managing relevant detail.
  • Anticipate stakeholder needs, and develop and discuss potential solutions, even before the stakeholder realises they are required.
  • Develop specialised expertise in one or more areas.
  • Advise stakeholders on relevant technical issues for their business area.
  • Navigate the complexities of global teams and engagements.
  • Build trust with teams and stakeholders through open and honest conversation.
  • Uphold the firm's code of ethics and business conduct.


Minimum Degree Required:
Bachelor Degree

Minimum Years of Experience: 7 year(s) of experience in Third Party Risk Management or Audit experience

Certification(s) Preferred: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), ISACA Certified in Risk and Information Systems Control (CRISC)

Preferred Knowledge/Skills:

Demonstrates intimate knowledge and/or a proven record of success in:

  • Assisting clients with assessing, designing, and implementing third party risk management programs, processes, and supporting technology

  • Consulting and implementation projects in third party risk-related areas such as third party origination and inherent risk measurement, segmentation and residual risk models, policy and procedures design and development, due diligence and on-going monitoring assessment execution, oversight and governance, data modeling and technology enablement, Issue and exception management

  • Understanding emerging technologies, such as Governance Risk and Compliance (GRC) technologies

  • Understanding of common third party risk industry standards/ regulations/regulators (e.g. FFIEC, OCC, FRB, GDPR, HIPAA / HITECH, HKMA, PRA, APRA, JFSA, RBI, BaFin, CFPB, SEC etc.), especially as it relates to building a program and/or managing internal controls, risk assessments, business process or operational auditing

  • Understanding principles and industry leading practices in Risk Assessment skills, Audit background, including familiarity with SOC I (SSAE16) and SOC II, ISO 27001, etc.


Demonstrates intimate abilities and/or a proven record of success in:

  • Assisting in client-facing engagement delivery, practice development, business development and thought leadership

  • Managing and/or contributing to project planning, engagement administration, budget management, and successful completion of engagement workstream(s)

  • Communicating in an organized and knowledgeable manner in written and verbal formats, including delivering clear requests for information and communicating potential conflicts

  • Identifying and addressing client needs while displaying the ability to contribute to the development of a business vision and manage implementation efforts

  • Managing client and account relationships, identifying opportunities and developing the appropriate approach and resources to successfully close and deliver the engagement


Please note that, at this time, to be in-person at a PwC office, client location or PwC-sponsored events, you must be fully vaccinated against COVID-19.

PwC does not intend to hire experienced or entry level job seekers who will need, now or in the future, PwC sponsorship through the H-1B lottery, except as set forth within the following policy: https://pwc.to/H-1B-Lottery-Policy.

All qualified applicants will receive consideration for employment at PwC without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran, marital, or citizenship status; or any other status protected by law. PwC is proud to be an affirmative action and equal opportunity employer.

For positions based in San Francisco, consideration of qualified candidates with arrest and conviction records will be in a manner consistent with the San Francisco Fair Chance Ordinance.

For positions in Colorado, visit the following link for information related to Colorado's Equal Pay for Equal Work Act: https://pwc.to/coloradoadvisoryseniormanager.

#LI-Remote

Posted on : 2 years ago