Manager - Security Architect

Job Description & Summary

A career within Assurance Support Services, will provide the opportunity to support our engagement teams and clients by providing advice and counsel on accounting, financial reporting, and strategic business issues. In joining, you'll help ensure a complete and relevant exchange of information among our consultants and in turn with engagement teams and clients, provide experts advice on a variety of specific topics, support engagement teams in resolving complex issues, and supporting clients and their subsidiaries in evaluating the potential impact of accounting and reporting standard setting initiatives. You'll develop strong relationships with our engagement teams and established audit clients and enhance our ability to meet greater investor expectations with the challenges of an increasingly complex business environment.

Our team works closely with engagement teams, PwC leadership, PwC counsel, and other groups within PwC to identify and manage practice matters. You'll play an integral role in developing policy, processes, and tools to support the assurance practice and will interact daily with engagement teams to help staff navigate the challenging and highly judgmental aspect of the audit practice.
In the RAS DTS team, our work is always evolving to help our clients respond to cybersecurity related threats and trends, and we combine our deep technical skills in response to our clients changing cybersecurity needs.
Choose a career at PwC's RAS DTS team and enjoy an innovative environment where challenging and interesting work is part of daily life.
In PwC's Cybersecurity and Privacy Consulting practice, our work is always evolving to respond to industry trends and management focus, and we combine our deep technical skills in response to our clients changing needs. Over time, what we do remains closely linked with helping our clients improve the way they operate innovate and grow reduce costs manage risks leverage talent and change the way they do business.
Choose a career at PwC's Cybersecurity and Privacy Consulting and enjoy an innovative environment where challenging and interesting work is part of daily life.
Responsibilities:

• 
  Create and cultivate relationships with clients based on capability and credibility
• 
  Identify and address client needs, actively participating in client discussions and meetings, managing engagements including preparing concise and accurate documentation
• 
  Assess, design and implement appropriate measures, technologies and processes to adequately mitigate risks and provide demonstrable value to the clients
• 
  Work with product vendors and service providers to understand their offerings and strengths in order to develop pragmatic solutions to solve our client's business challenges
• 
  Ensures cyber security architectural principles are applied during the design stage to reduce risk
• 
  Develops models and plans to drive the execution of the cyber security strategy, taking advantage of opportunities to improve business performance
• 
  Contributes to creating and reviewing a systems capability strategy which meets the cyber security program's strategic requirements
• 
  Determine requirements and specifies effective cyber security related business processes, through improvements in technology, information or data practices, organization, roles, procedures, and equipment
• 
  Contributes to the development of organizational strategies that addresses information control requirements
• 
  Employ a quality approach to consulting delivery ensuring complete client satisfaction and project profitability
• 
  Conduct research to maintain and expand knowledge on the latest cybersecurity landscape, technologies and standards
• 
  Share knowledge with team members and contribute to growth and development of the organization.
• 
  Updates job knowledge by tracking and understanding emerging security practices and standards, participating in educational opportunities, reading professional publications, and participating in professional organizations.
• 
  Participate in pre-sales activities include client meetings, presentations and proposal preparations.
• 
  Review clients system security measures and recommend necessary enhancements.
• 
  Reviews and analyzes client's system logs, SIEM tools, and network traffic for unusual or suspicious activity, and make recommendations to restore secure operations.
• 
  Compiles and reports security metrics and key performance indicators to client's senior management.
• 
  Manage project economics, quality and risks.
• 
  Ability to communicate complex technologies and security issues to persons with non-technical backgrounds.

• 
  Possess university degree(s) in Computer Science, Computer Engineering, Information Systems, Electrical, Electronic, or other IT-related subjects
• 
  Related professional certifications preferred (CISSP, CISA, CEH, CCSP, GIAC, SABSA, etc.)
• 
  Possess knowledge and understanding of risks and its impact to the business and have the ability to strongly articulate the need and value of security solutions to our clients
• 
  Experience identifying and documenting security requirements for complex solutions and architectures aligned to commonly used frameworks such as NIST CSF, CIS Controls, MITRE ATT&CK, and ISO 2700x.
• 
  Possess knowledge of and ability to design and improve organisational IT structures and blueprints in order to better support business operations and efficiently achieve organisational objectives.
• 
  Possess knowledge of and the ability to utilize a variety of administrative skill sets and technical knowledge to manage organizational IT policies, standards, and procedures.
• 
  Possess knowledge of and ability to utilize a variety of technical tools and techniques to guarantee service availability and ensure IT system performance.
• 
  Possess knowledge of approaches, tools, techniques for recognizing, anticipating, and resolving organizational, operational or process problems ability to apply this knowledge appropriately to diverse situations.
• 
  Possess knowledge of and the ability to detect and prevent data security vulnerabilities of coding throughout the software development life cycle within software development organizations.
• 
  Ability to build a thorough understanding of an organization's IT systems to anticipate possible security risks, identify areas of weakness, and respond effectively to possible security breaches.
• 
  Posses strong experience in information security and IT risk assessment, with a strong understanding of security protocols, authentication, and security.
• 
  Posses advanced understanding of security protocols, cryptography, and security
• 
  Posses strong experience implementing multi-factor authentication
• 
  Strong analytical, creative problem-solving and negotiation skills, with the ability to thrive in a fast-paced and dynamic environment
• 
  Possess strong interpersonal and communication skills, and be able to work with a wide variety of people
• 
  Ability to interact with a broad cross-section of personnel to explain and enforce security measures
• 
  Excellent written and oral communication skills, including both technical and business writing, documentation and presentation skills, with the ability to present ideas and results to technical and non-technical audiences
• 
  7 - 10 years of relevant experience in Cybersecurity, Infrastructure Security, or Data Protection
• 
  Strong preference for basic competency in two or more of the following:
  • 
    Security strategy, risk, and privacy management
  • 
    Threat-modeling infrastructure foundation, knowledge of technologies, and technology-based solutions dealing with information security issues.
  • 
    Security architecture, design, and blueprint, including working experience in Akamai, FireEye, Palo Alto Networks, Splunk, Tanium, CrowdStrike, Titus, Digital Guardian, Symantec, Airwatch, AWS, Azure, SafeNet, Gemalto, etc.
  • 
    Data and application protection, including data classification, data discovery, data governance, DLP, IRM, EDR, tokenization, encryption, blockchain, TDE, cloud, mobility, microservices, APIsec, devsecops, API, back-up/recovery and retention, etc.
  • 
    Cyber security, including, TVM, APT, IPS, SIEM, DDoS, defacement, SOC operations/automation and testing, metrics, monitoring and reporting, etc.
• 
  Strong time management skills, self-directed, with the ability to work both independently and part of a diverse team