Risk Services - Technology, Cyber and Third Party Risk Management - Senior Manager

Join our diverse, global community at PwC, where we solve important problems together. You'll develop your unique skills in exciting ways, powered by technology.

Our Risk Services Practice provides critical insights and independent assurance to help clients protect and strengthen their businesses. We manage and mitigate risks from cybersecurity breaches to supply chain disruptions, covering technology, resilience, operations, data analytics, regulatory requirements, data security and privacy, internal audit, and third parties.

We build trust in clients' digital agendas through robust technology, cyber and third party risk management in all industry sectors with a focus on financial services, including banks, insurers, asset managers, payment services, and fintechs.

Our practice is growing due to client demands for help with rapid development, regulatory complexities, and evolving digital risks. Supporting clients' confidence in their digital future is key to their growth, making our Technology, Cyber and Third Party Risk (TCTR) team a priority for our firm.

We are seeking a number of experienced Senior Managers to join ourTCTR team to respond to strong demand-led growth. The team helps clients to understand their technology, cyber, third party risks and regulatory obligations , define and execute a strategy which enables the business to deliver its objectives within their desired risk appetite whilst meeting regulatory obligations.

• Managing and delivering technology, cyber security, and third-party risk assignments, such as improving control environments, risk management approach, producing documentation and reports, and quality assuring the work produced by junior team members.
• Collaborate with stakeholders such as clients to identify opportunities to improve their key controls across cybersecurity, business, technology and third party management processes

• Providing our clients with trusted advice, rooted in a pragmatic understanding of their business strategy, to help them navigate complex, risk-driven risk decisions.
• Work on specific projects to substantially improve and evolve the capability and quality of the processes, deliverables and thought leadership

• Building client relationships and establishing credibility by demonstrating knowledge of various aspects of risk management, and identifying opportunities where PwC can assist.

• Provide advisory related services through all major milestones of the sales and delivery life cycles including identification, proposal development, planning, fieldwork, reporting and debrief processes

• Supporting the development of toolkits, methodologies, and accelerators including innovating to enable automation and the use of generative AI

• Provide coaching and/or conduct training to junior staff to develop communication, analytical and technical skills

• A good Degree in Business, Engineering, Computer Science, Information Technology (IT) or related disciplines with IT focus
• At least 3 years Technology, Cyber and or Third Party Risk and Control experience in Big 4 or leading organisations
• CISA, CISM, CISSP, PMP or other professional certification is preferred
• Demonstrated track record in leading engagements within a professional services or consulting environment, self-driven, combined with ability to work in teams effectively
• Excellent communication skills – both oral (for interviews/meetings, presentations) and written (for designing and writing engaging reports which communicate recommendations and actions succinctly and clearly convey the message in a way which is appropriate for the audience, and rooted in the client’s needs).
• A keen eye for detail and strong focus on encouraging quality work by all team members, and a constructive approach to developing and mentoring colleagues with those goals in mind.
• Excellent project management skills and demonstrated ability to follow through and complete tasks within tight deadlines

• Experience in business development or sales, including working on bid teams, and supporting winning proposals and RFP responses.
• Management and/or assessment of the adequacy of risk and controls over technology, cyber and third party risk at financial institutions.
• Knowledge of diverse compliance and regulatory frameworks, e.g., MAS Notices and Guidelines related to technology risk management, business continuity management and outsourcing governance, CSA, NIST, MTCS, ABS Cloud Guidelines, ISO 270XX, SOC-1/2/3, etc

• Knowledge or familiarity with risk and security management tools (e.g., GRC, CyberArk, Zscaler, HSM)
• Knowledge or familiarity with third party risk management tools (e.g.: Coupa, Bitsight, OneTrust, etc)
• Knowledge or familiarity on workflow management tools (e.g., ServiceNow, JIRA), etc
• Knowledge in cloud technologies of one or more cloud providers (e.g. Amazon Web Services, Google Cloud Platform, Microsoft Azure, Alibaba/Aliyun, etc.).