Cyber R&R SRC - TPRM- Senior Associate

A career in our Cybersecurity, Privacy and Forensics will provide you the opportunity to solve our clients most critical business and data protection related challenges. You will be part of a growing team driving strategic programs, data analytics, innovation, deals, cyber resilency, response, and technical implementation activities. You will have access to not only the top Cybersecurity, Privacy and Forensics professionals at PwC, but at our clients and industry analysts across the globe.

Our Third Party Risk Management (TPRM) team focuses on helping our clients assess, design, implement, and maintain an effective third party risk program.This is inclusive of pre and post contract stages for our clients helping them evaluate the controls required precontracting with a vendor, contractor, or supplier, as well as postcontract from an ongoing monitoring perspective. Our TPRM team focuses on designing programs, operationalizing those programs, change management across all risk domains of a third party program and assessments (ongoing monitoring efforts). You will work with third parties all across the globe that support the operations of our clients to ensure adequate control environments are in place and help provide our clients comfort that both reasonable and defensible controls are in place. As more companies continue to outsource and move to cloud transformation, the demand for TPRM has quickly grown. You will help our clients transform their business, build trust amongst their ecosystem, manage risk effectively, and drive accountability and control with their third party connections.

Our team helps organisations develop TPRM business plans, costbenefit analyses, target operating models, short/longterm strategies, and ultimately improve the effectiveness of their TPRM programs. In joining our team, you will work with xLoS professionals at PwC across all third party risk domains, including, but not limited to cybersecurity, privacy, human resources, legal, technology, financial, fraud, regulatory, and industry specific business risks. You will help organizations with strategy, design, operation and longterm maintenance of their TPRM programs.

• Use feedback and reflection to develop self awareness, personal strengths and address development areas.
• Delegate to others to provide stretch opportunities and coach to help deliver results.
• Develop new ideas and propose innovative solutions to problems.
• Use a broad range of tools and techniques to extract insights from from current trends in business area.
• Review your work and that of others for quality, accuracy and relevance.
• Share relevant thought leadership.
• Use straightforward communication, in a structured way, when influencing others.
• Able to read situations and modify behavior to build quality, diverse relationships.
• Uphold the firms code of ethics and business conduct.

• Team members will assist territory engagement teams in performing vendor management, vendor assessment and managed services in accordance with territorial reporting guidelines.
• Team members would be expected to perform activities that will include Preparation of vendor assessment reports which will include an analysis of the business profiling questionnaire and due diligence questionnaire of the vendor, review supporting documentation, performing a research on the operations and other relevant information about the vendor/supplier. Handle endtoend vendor onboarding process involving timely collection of documents to properly onboard a vendor and support with the payment/invoice processing Assessment of compliance of vendors against set standards/controls, SOC and PCI reports etc.Communicate with the clients and vendors and get clarification Assist in the administrative requirements of the team
• Team members would be required to handle multiple tasks at the same time. Detailed focus when performing work and good project management skills when managing workload and maintaining timelines will be necessary.

• Bachelors/Masters in Information Security
• Bachelor of Commerce
• Certifications (ISO 27001/ ISO 31000/ CISA/ CISSP/ CSX
• Other relevant qualification/certification

• Strong knowledge of information security concepts, risk and controls concepts and vendor onboarding
• Sound knowledge on IT controls (especially IT risks)
• Sound knowledge of Internal Controls and Compliance
• Good knowledge on Privacy, Governance and reporting

• Experience with the Microsoft Office suite of products (i.e. Word, Excel, PowerPoint, Visio, etc.), Candidates should have strong verbal and written communication skills to manage query resolution and vendor communication.
• Knowledge / experience in fields of Vendor Risk Assessments, Internal Audit, External Audit / Statutory Audit projects
• Candidates should exhibit good client service skill collaterals with a strong focus on building relationships.

Degrees/Field of Study required Degrees/Field of Study preferred Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, AntiMoney Laundering (AML), Coaching and Training, Communication, Compliance Advisement, Compliance Oversight, Compliance Program Implementation, Compliance Risk Assessment, Confidential Information Handling, Contract Review, Contractual Risk Mitigation, Contractual Risk Monitoring, Contract Writing, Creativity, Crisis Management, Data Loss Prevention (DLP), Data Security, Discretion and Business Ethics, Embracing Change, Emotional Regulation, Empathy, Financial Risk Management