Information Risk & Security - Senior Associate

London (Greater)
06 Oct 2017
04 Nov 2017
Contract Type
Full Time
About the teamThe Information Risk & Security Senior Associate role is responsible for providing comprehensive information security services and routine coordination internally to PwC member firms. The team works closely with engagement teams across the member firm on information security matters and coordinates with other functional groups as needed. The role will provide advice and inform engagement and member firm / line of service teams about various contractual requirements and government laws and regulations as they pertain to information security. This role leverages functional expertise to help client service teams solve problems.
Strategic & Technical Orientation / Job ContentThe Information Risk & Security Senior Associate will team with the member firm or line of service Chief Information Security Officer to drive the development, implementation, maintenance and enhancement of all information security related activities in alignment with the Network Information Security Strategy. This role requires experience in the areas of IT and IT security strategy, operations, and roadmap planning. This role will incorporate PwC member firm knowledge and technical domain expertise into work activities and use its expertise in information security to solve business problems and deliver results.
Range of Impact

The Information Risk & Security Senior Associate role

Review compliance and risk management for mission/business processes

Hotline/helpline oversight on security events

Develop and maintain system security plans

Execute tasks to drive towards strategic vision

Demonstrate success working in new organizations and has illustrated critical attributes to include flexibility and innovative thinking

Communicate and maintain leadership directives to the Network Information Security Organization.

Provide key insight to overall security strategies and evaluate organizational progress towards agreed upon goals and find solution to complex issues in order to maintain timelines and achieve project success.

Resolve challenging problems in collaboration with others and takes initiative when appropriate to make independent choices on matters of significance

Influence others within information security group and community

Scope of responsibilityThe Information Risk & Security Senior Associate demonstrates significant knowledge and success of system security, controls or information security management environment, specifically the following information security areas.

Information security policy and procedure development and maintenance

Maintenance of annual security awareness training and role-based security training processes

Implementing and overseeing a compliant Risk Management Strategy

Maintenance of Insider Threat Awareness training process

Perform and maintain formalized risk assessments


Demonstrates proven abilities and success with leveraging creative thinking and problem solving skills, individual initiative, and utilizing MS Office

Demonstrates significant experience supporting Information Security Governance daily tasks and duties

Demonstrates significant experience in security governance planning, design, and implementation, as well as delegation of responsibilities to staff including associates

Demonstrates proven, refined abilities and success with identifying and addressing leadership and stakeholders needs

Builds solid relationships with leadership and stakeholders

Maintains significant awareness of Firm services and capabilities

Communicates with the leadership and stakeholders in an organized and knowledgeable manner

Develops key deliverables

Communicates strategic progress to internal stakeholders and works closely with the pillar leads to adapt the strategy as needed.


Completion of assigned work in accordance to manager direction.

Quality of work deliverables.

Peer and upward feedback

Education Level

Undergraduate Degree (e.g. BA,BS) or equivalent experience

Other DetailsThis role is part of PwC’s Network Information Security organization but supports work internal to a PwC member firm or line of service.


Internal firm services

In order to deliver a first-class service to our clients, we need first-class support internally. Internal firm services is a network of specialist support professionals and includes marketing, recruitment, human capital, finance, technology, learning and development, procurement, to name but a few. Each team plays a vital role in making sure we have all the right resources, services and technology across our business.

The skills we look for in future employees

All our people need to demonstrate the skills and behaviours that support us in delivering our business strategy. This is important to the work we do for our business, and our clients. These skills and behaviours make up our global leadership framework, ‘The PwC Professional’ and are made up of five core attributes; whole leadership, technical capabilities, business acumen, global acumen and relationships.

Learn more here


We work in a changing world which offers great opportunities for people with diverse backgrounds and experiences. We seek to attract and employ the best people from the widest talent pool, as well as those who reflect the diverse nature of our society. And we aim to encourage a culture where people can be themselves and be valued for their strengths. Creating value through diversity is what makes us strong as a business and as an organisation with an increasingly agile workforce, we're open to flexible working arrangements where appropriate.

Learn more here