GRC Senior Associate

Operating on a local, regional and global scale, Network Information Security (NIS) is responsible for the definition of our security strategy to hands on execution of our global Cyber Readiness Program, moving from predominantly local to centralized services. Global Technology is responsible for driving the adoption and operation of global IT services across the organization.

If you are seeking an exciting career with the scope to grow your cyber security and technology skills through major change on a global scale, then NIS and PwC Technology will empower you to do so.

In order to execute against the PwC Technology and NIS agenda, the team is structured into the following Pillars:

• Chief Technology Risk Office (CTRO)

• Business Change Technology and Security (BCTS)

• Chief Technology Office (CTO)

• Technology and Security Operations (TSO)

• Chief Admin Office (CAO)

• CYBER

• Office of the Chief Information Technology Officer (OCITO)

NIS and PwC Technology are building the first global cyber security and technology function at PwC. Our mission protects 300,000 PwC members across 160 member firms worldwide as well as our global clients.

Globally, we’ve embarked on a journey to create the capability to work as ‘One Network’ and make it easier to bring the best of our collective thinking to each other and our clients. Aligning, streamlining and standardizing many of our business operating processes and technologies across the Network is going to take a concerted effort but will help us achieve our Vision. Given the pace and speed in which PwC is investing in initiatives to drive our Vision, our ability to manage change for our business and our people is more critical than ever. PwC IT Services Ltd (PwC IT Services) was created to provide shared technology services to PwC firms in a secure, legally compliant, efficient and transparent manner. PwC IT Services is a separate legal entity owned and sponsored by a number of Strategy Council firms on behalf of the Network with a head office in the UK, and subsidiaries and legal branches in the countries where it has operations (US, Singapore, Canada, Germany, Netherlands, Czech Republic and Romania). PwC IT Services:

• Operates PwC’s three Global Hosting Centres;

• Manages and supports many of PwC’s global applications;

• Manages and operates the PwC Security Operations Centre; and

• Procures shared technology services

PwC IT Services’ solutions are used by most PwC firms, whether they be infrastructure, back office, or front office solutions and hosted on premise or in the cloud.

What does your work look like?

To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be an authentic and inclusive leader, at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.

The role-holder will report to the PwC IT Services Compliance Officer and CISO who is responsible for setting and delivering the strategy for compliance, with a specific focus on information security and data protection. The compliance team is expanding and we are looking for a senior associate to join the team and help support the Compliance Officer and broader team as PwC IT Services evolves and matures.

Demonstrates intimate abilities and/or a proven record of success in:

• Responding to queries and providing accurate, appropriate, timely and pragmatic advice;

• Support with the creation of new policy documentation and updating existing policies;

• Maintaining and enhancing the organisation’s compliance with the Network standards including the Network Information Security Policy

• Supporting the management and smooth running of SOC 2 audits

• Performing monthly compliance tasks in relation to new joiners and leavers.

• Assisting with compliance audits and readiness for new audits

• Maintaining and improving the Sharepoint sites

• Carrying out ad hoc compliance and risk management projects

• Supporting training and awareness initiatives

• Carrying out monitoring and review activities

• Preparing and presentation agendas and decks for key meetings

• Maintaining records and minutes for audit purposes

Does this describe you?

We are looking for a candidate who:

• has a minimum of two years experience in data compliance, information security, risk management or data protection;

• is degree qualified (a qualification in data protection e.g. CIPP/e or compliance is an advantage);

• has excellent written and verbal communication skills;

• is computer literate;

• has experience of advising on compliance and data protection matters;

• can work to tight deadlines and multiple demands;

• Is able to work with cross functional and geographical teams

• is enthusiastic about developing themselves; and

• is highly motivated and confident to work independently, with guidance from more experienced subject matter experts.

• Will roll up sleeves and help out where required

What can we offer you?

We believe in the power of an inclusive culture and we want everyone to feel free to be themselves. We offer access to a PwC global network, where you can exchange knowledge, ideas and questions with other professionals regarding other disciplines. We also offer you:

• Numerous training sessions and courses that contribute to your personal and professional development;

• An appropriate salary and extensive employment conditions, including a well-being budget. This is a personal annual budget of € 1.000 to spend on your health, for example on mindfulness, sport, lifestyle coachings & wellness;

• A fully equipped, ergonomic home office with a second monitor;

• A monthly internet allowance;

• A lease car/car allowance, laptop and iPhone;

• 30 (or 32) holiday days per year;

• Hybrid working at the client, at home and at the office;

• The possibility, within standard working hours, of focusing on Corporate Responsibility, various networks, diversity, innovation and/or recruitment along with enjoyable informal activities and social parties.

Apply Now!

Recruiter Marijn Minderhoud.

Please note: direct applications only, no recruiters.