Global Application Security Risk Manager

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. Those in information security at PwC will focus on protecting sensitive data and systems from cyber threats through risk assessments, security audits, and implementing robust security measures. Your work will help enable the confidentiality, integrity, and availability of information assets for clients. Risk Managers ensure that risk assessment outcomes are effectively communicated to application team members. They support ideation activities, facilitate meetings, and gather information from various teams. In addition to their managerial duties, Risk Managers also take on the responsibilities of Risk Reviewers. This includes reviewing tickets for inconsistencies, managing ERV calls, and collaborating with Risk Reviewers to define the ticket review approach. They maintain a dashboard of ticket statuses, report on ticket status and metrics, and act on pending items in a timely manner. Risk Managers assist in creating issues and mitigation plans, track ticket progress, and manage interactions with other NIS teams. They are responsible for presenting problems as opportunities and knowing when to escalate issues to senior management.

Meaningful work you’ll be part of

As a Global Application Security Risk Manager, you’ll work as part of a team of problem solvers, helping to solve business issues, deliver high quality client service and operational efficiency. Responsibilities include but are not limited to :

Review tickets for inconsistencies, talking points, in advance of ERV calls / Initial conversation with customers.

Validate ticket, associated tasks and SDD information and manage and run ERV calls.

Work with Risk Reviewer to understand questionable items and define approach to ticket review.

Review previous tickets, including upstream and downstream relationships and for other firms and their results in relationship to other tickets – discuss inconsistencies with the Risk Reviewer.

Maintain a dashboard of your ticket status and be ready to report on status of any ticket and general metrics upon request and review and action pending items / responses in a timely manner.

Participate in team calls and ideation exercises and be able to communicate with seniors and stakeholders.

Review related CRS and SRT tasks and manage calls upon request or when the Customer does not understand the record documentation.

Assist with creation of Issues and / or Mitigation Plans for Issues.

Track progress of the ticket through the Issue Mgmt. Stage and manage interactions with ancillary NIS teams : Global Workspace; m365; Third Party Risk Mgmt.; Splunk; Business Continuity; Mobile Application Mgmt.; BISO / CISO teams.

Experiences and skills you’ll use to solve

Customer service skills to create an exceptional customer experience.

Strong organizational and time management skills to support multiple concurrent reviews.

Self-Awareness and a quick learner (ability to integrate training and coaching received into action).

Knowledge of the Information Security Policy, Application Readiness Standard, & Applicable Supporting Standards.

Understand the purpose of Application Readiness process and ability to interact with customers, and ensure customers understand what actions they need to take.

Ability to assess whether a control is 'met' or 'not met' (black and white).

Ability to review documentation analytically and assess control compliance based on information / documentation provided.

Ability to evaluate complex data and determine whether data can be used to support the reviews being conducted.

Ability to pull facts and details related to controls from different types of documentation and diagrams submitted.

Interface with customers to ask clarifying questions, prompt for responses to open items, provide guidance on next steps, schedule meetings.

Interface with AR Risk Manager(s) and AppSec Architects to provide status, raise flags / concerns related to IT Security Risk.

Document work in the SNOW AR Ticket.

Strong communication, organizational skills, problem-solving skills, strategic thinking.

Ability to manage multiple projects and teams.

Knowledge of information security policies and application readiness standards.

Nice to have certifications CISSP / CISM / CISA / CCSK / CCSP / CRISC.

Why you’ll love PwC

We’re inspiring and empowering our people to change the world. Powered by the latest technology, you’ll be a part of diverse teams helping public and private clients build trust and deliver sustained outcomes. This meaningful work, and our continuous development environment, will take your career to the next level. We reward your impact, and support your wellbeing, through a competitive compensation package, inclusive benefits and flexibility programs that will help you thrive in work and life. Learn more about our Application Process and Total Rewards Package at : https : / / jobs-ca.pwc.com / ca / en / life-at-pwc

PwC Canada acknowledges that we work and live across Turtle Island, on the land that is now known as Canada, which are the lands of the ancestral, treaty and unceded territories of the First Nations, Métis and Inuit Peoples. We recognize the systemic racism, colonialism and oppression that Indigenous Peoples have experienced and still go through, and we commit to allyship and solidarity.

At PwC Canada, our most valuable asset is our people and we grow stronger as we learn from one another. We’re committed to creating an equitable and inclusive community of solvers where everyone feels that they truly belong. We understand that experience comes in many forms and building trust in society and solving important problems is only possible if we reflect the mosaic of the society we live in.

We’re committed to providing accommodations throughout the application, interview, and employment process. If you require an accommodation to be at your best, please let us know during the application process.

J-18808-Ljbffr

Application Security • Toronto, ON, Canada