Line of Service: Internal Firm Services
Industry/Sector: Technology
Specialism: IFS - Information Technology (IT)
Management Level: Manager

Job Description & Summary

About the role:
Our vision for the PwC Network, fuelled by our Purpose, is to be the most trusted and relevant professional services business in the world - one that attracts the best talent and combines the most innovative technologies, to help organisations build trust and deliver sustained outcomes. mission protects 370,000 PwC members across 149 member firms worldwide, as well as our global clients.

Overview:
PwC continues to invest in cyber security capabilities to protect our business and our clients. Within CISO Governance, Risk & Compliance (GRC) team acts as a trusted risk advisor to the UK business. By providing guidance on cybersecurity stakeholders implement effective security measures to mitigate risks and protect the firm's interests.

Key responsibilities:
As a Manager in our Office of the CISO, your role is to drive risk management and reduction activities to help identify and reduce the risks related to information security associated with technology used within the firm. Within this role there are specific responsibilities that help ensure PwC complies with the requirements of clients in our Government & Health Industries (G&HI) space:
- Support the creation of a comprehensive information security risk management framework and the implementation of mitigation strategies by collaborating with leadership and stakeholders to ensure enterprise-level risk visibility and strategic alignment.
- Collaborate with senior stakeholders for insights on existing and emerging technologies like GenAI, offering strategic updates and impact assessments for informed decision-making.
- Conduct regular risk assessments to continuously monitor risks, security threats, and vulnerabilities, ensuring the effectiveness of controls.
- Lead initiatives to ensure consistent security practices across G&HI projects.
- Facilities Security Controller and our practice partners and staff with regards to ensuring compliance with contractual requirements within the G&HI sector.
- Provide recommendations and guidance covering the use of PwC IT systems and client data handling, ensuring security considerations are addressed, particularly where the use of offshore delivery models.
- Ensure compliance with technology requirements including PwC systems, laptops.
- Report and investigate security breaches, maintaining records and communicating with relevant G&HI leadership.
- Govern evaluations and assessments of information security risks and non-compliance, determining their potential impact and likelihood on the organisation.
- Respond pragmatically to challenging situations and lead risk remediation efforts to negotiate and balance risk with business imperatives, particularly within the UK firm.
- Build and manage relationships across a global network, effectively handling a matrixed organisation.
- Take ownership of team deliverables to ensure timely, quality-driven, and strategically valuable outcomes for the organisation.
- Participate actively in team activities, contributing to strategic projects, communications, process improvements, knowledge sharing, and fostering a positive work environment.

An effective candidate will possess the following skills:
- Strong communication and influencing skills to assist, inform, and build relationships with stakeholders in both the business and support teams, to enable effective information security.
- Inquisitive nature and intuition regarding what questions to ask, when, and their relative significance.
- Excellent time management skills, balancing working efficiently on your own and contributing as part of a wider team - prioritising and recognising when to escalate to management.

Experience & Qualifications:
- Previous proven management experience in an information security risk management role.
- Formal certifications / qualifications in Information Security (CISSP, CISM, CRISC, CompTIA Security+).
- Extensive knowledge of risk assurance frameworks essential, such as ISO 31000; NIST CSF; ISO 27001.
- Knowledge of technical security principles highly desirable.
- Broad understanding of technology and how security is applied to technology in a large enterprise setting.
- Experience at an enterprise, global company or big four firm is desirable.
- Strong data manipulation and visualisation skills (PowerBI, Alteryx, Excel).

Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required:
Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills
Accepting Feedback, Active Listening, Analytical Thinking, Coaching and Feedback, Communication, Creativity, Cybersecurity Framework, Cybersecurity Governance, Cybersecurity Risk Management, Cybersecurity Strategy, Cybersecurity Threat Mitigation, Cyber Threat Intelligence, Digital Forensics, Embracing Change, Emotional Regulation, Empathy, Firewall (Network Security), Forensic Investigation, Incident Management, Incident Remediation, Incident Response Plan, Inclusion, Intellectual Curiosity, Learning Agility {+ 20 more}

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Available for Work Visa Sponsorship?

Government Clearance Required?

Job Posting End Date

Are you ready to make a difference? Want to unlock new value by applying your unique perspective and talents? You can grow exponentially at PwC. Here, you can uncover hidden talents, build lifelong relationships rooted in trust and empathy and turn challenges into opportunities for innovation. We’ll help you grow your skills through challenging, meaningful work so you can go further.