Senior Associate, Digital Trust & Cybersecurity

Job Description & SummaryA career in our Risk Assurance Internal Audit – Client Services practice, within Risk Assurance Compliance and Analytics services, will provide you with the opportunity to assist clients in developing analytics and technology solutions that help them detect, monitor, and predict risk. Using advanced technology, we’re able to focus on establishing the right controls, processes and structures for our clients to ensure that decisions are based on accurate information and assure that information provided to third parties is accurate, complete, and can be trusted.

Our team supports clients development of a risk management and governance framework and provides consulting and investigatory advice.We apply a wide range of assurance techniques, with a strong emphasis on risk management, performance improvement, change management.

To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.

As a Senior Associate, you’ll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

1.Designing and performing reviews on Information Technology General Controls (ITGCs) covering user access and identity management, privilege access management, IT change management, general computing environment, data availability and recoverability, system implementation/ significant upgrades etc. 

2. Designing and performing reviews on security configurations on IT infrastructure and platforms including operating systems, databases etc.

3. Designing and performing reviews on IT governance structures and programmes including IT strategy, IT risk management, IT policies and procedures, IT structures, IT performance management, IT value for money audits etc.

4. Designing and performing reviews on application controls including segregation of duties, input/output controls, automated configurations/ calculations, key reports, interfaces/ integrations etc.

5. Performing internal and external vulnerability assessment and penetration testing on web applications, mobile applications, internal networks etc. and performing source code reviews.

6. Performing cyber maturity assessment and benchmarking

7. Performing business process reviews and re-engineering, risk assessments, controls identification and controls review especially within key process cycles e.g. order to cash including revenue and receivables, procure to pay including purchase and payables, inventory management etc. 

8. Performing internal audits on key process cycles – planning through to reporting

9. Developing and executing third party IT assurance work programmes and reporting in line with standards – ISAE, SOC

10. Developing and executing quality assurance work programmes over system implementation and transformation exercises

Industry Experience

1. Financial Services – banking, insurance etc

2. Telecommunications (added advantage)

Skills

1. Data analysis and analytics (ACL, Ideal, Python or SQL) and (Power BI, Qliksense etc.)

2. Value proposal development

3. Communication and presentation skills

4. Report writing

5. Scripting and programming (added advantage)

Minimum Certifications

1. Certified Information Systems Auditor (CISA)

2. At least one cyber security related certification (CEH, CISSP, CISM, OSCP etc.)

3. Cloud certifications – MS Azure or AWS (added advantage)

Application and Platform Security Experience

1. Windows Server, Oracle DB, UNIX/ Linux Servers, SQL DB

2. SAP application (added advantage)

3. Core banking systems – Flexcube, Finacle, T24 (added advantage)

Standards

1. Reporting – AUP, ISAE, SOC

2. IS and Security – ISO 27001, COBIT, NIST

Reports to

Manager, Risk Assurance Services

Education(if blank, degree and/or field of study not specified)Degrees/Field of Study required: Bachelor Degree – Accounting & TechnologyDegrees/Field of Study preferred:

Certifications(if blank, certifications not specified)