Job Description

Line of Service

Advisory

Industry/Sector

FS X-Sector

Specialism

Risk

Management Level

Senior Associate

& Summary

At PwC, our people in audit and assurance focus on providing independent and objective assessments of financial statements, internal controls, and other assurable information enhancing the credibility and reliability of this information with a variety of stakeholders. They evaluate compliance with regulations including assessing governance and risk management processes and related controls.

Those in internal audit at PwC help build, optimise and deliver end-to-end internal audit services to clients in all industries. This includes IA function setup and transformation, co-sourcing, outsourcing and managed services, using AI and other risk technology and delivery models. IA capabilities are combined with other industry and technical expertise, in areas like cyber, forensics and compliance, to address the full spectrum of risks. This helps organisations to harness the power of IA to help the organisation protect value and navigate disruption, and obtain confidence to take risks to power growth.

*Why PWC

At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us

At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. "

Job & Summary

We areseekinga highly skilled and experiencedData SOCFunctional Consultantto join our Risk Consulting team. As aData SOCFunctional Consultant, you willberesponsibleforpolicy advisory, process governance, third-party risk management, and data flow assessments for clientsYou will work asConsultants for Policies / Processes / TPRM /DFAkind of customer interaction itemsYou willwork onvarioustypesoftechnologiesbut not limited toDLP, DAM, CASB, Data Discovery, Data Classification, Encryption, DSPM, Zero Trust solutions,PETs, and more. The ideal candidate shouldpossessstrong project management skills, technicalexpertisein cybersecurity, and a comprehensive understanding of best practices in the field.

Education

• Bachelor's orMaster'sdegree in Cybersecurity, Information Technology, ora relatedfield.

Certifications:

• Professional certifications such asISO/IEC 27001 Lead Implementer or Auditor; NIST CSF Practitioner; DPDPA (India) practitioner/lead implementer course; Privacy: IAPP CIPP/E or CIPM

Experience:

• Proven experience (4-7years) in a similar role, preferably in a consulting environment.

• Strong project management skills with the ability to lead and manage multiple projects simultaneously.

• Experience with DLP, CASB, DAM, Encryption, DSPM, Zero Trust Implementation, Monitoring & Assessment along with data discovery and data classification

• In-depth knowledge of cybersecurity frameworks, standards, and best practices (e.g., ISO 27001, NIST CSF, DPDP Act).

Skills:

• Technical: DLP, Data Discovery, UEBA, PETs, DAM, CASB, FIM, Encryption/Masking, SIEM/SOAR.

• Leadership: Team building, executive communication.

• Regulatory: DPDPA, GDPR, HIPAA, PCI, SOX.

• Excellent communication and presentation skills with the ability to effectively convey complex technical concepts to non-technical stakeholders.

• Strong analytical and problem-solving skills.

• Ability to work independently and collaboratively in a team environment.

• Attention to detail and commitment to delivering high-quality work.

Responsibilities:

Policy Advisory

Draft and review data security policies; ensure alignment with regulatory frameworks (DPDPA, GDPR, HIPAA, PCI, SOX).

Process Governance

Define and maintain DSOC processes; ensure ITIL and ISO 27035 compliance.

Third Party Risk Management (TPRM)

Conduct third-party risk assessments;validatevendor compliance with security standards.

Data Flow Assessment

Perform DFA for criticalapplications,documentlineageand classification.

Client Interaction

Engage with customers for governance workshops, audits, and compliance reviews.

Reporting & Dashboards

Weekly: Policycompliancescorecards and TPRM status.

Monthly: DFA reports and governance metrics.

Quarterly: Audit readiness and regulatory alignment updates.

Incident Management & Response

Support incident reviews byvalidatingpolicy adherence and process gaps;assistin remediation planning.

Project & Stakeholder Management

Lead governance and compliance projects; coordinate with DSOC Head, Legal, and client teams for successful delivery.

Additional Responsibilities:

Research & Thought Leadership

Stay updated on regulatory changes and best practices; publish internal compliance guidelines; contribute to policy improvement initiatives.

Travel Requirements

• Travel to Client locations locally, in addition to travelling domesticallyand/or internationally for assignments asrequired

Available for Work Visa Sponsorship?

Government Clearance Required?

Mandatory skill sets: Experience with DLP, CASB, DAM, Encryption, DSPM, Zero Trust Implementation, Monitoring & Assessment along with data discovery and data classification

Preferred skill sets:In-depth knowledge of cybersecurity frameworks, standards, and best practices (e.g., ISO 27001, NIST CSF, DPDP Act).

Years of experience required:4-7

Education Qualification:B.tech/BE

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required: Bachelor of EngineeringDegrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Data Privacy Standards

Optional Skills

Accepting Feedback, Accepting Feedback, Accounting and Financial Reporting Standards, Active Listening, Analytical Thinking, Artificial Intelligence (AI) Platform, Auditing, Auditing Methodologies, Business Process Improvement, Communication, Compliance Auditing, Corporate Governance, Creativity, Data Analysis and Interpretation, Data Ingestion, Data Modeling, Data Quality, Data Security, Data Transformation, Data Visualization, Embracing Change, Emotional Regulation, Empathy, Financial Accounting, Financial Audit {+ 24 more}

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Available for Work Visa Sponsorship?

Government Clearance Required?

Job Posting End Date