Line of Service Internal Firm Services Industry/Sector Technology Specialism IFS - Information Technology (IT) Management Level Manager Job Description & Summary About the role: PwC continues to invest in cyber security capabilities to protect our business and our clients. Within PwC’s Global Network Information Security (NIS) team, the UK CISO Governance, Risk & Compliance (GRC) team acts as a trusted risk advisor to the UK business. By providing guidance on cybersecurity-related risks and ensuring alignment with PwC’s global cybersecurity strategy, we help our UK stakeholders implement effective security measures to mitigate risks and protect the firm's interests. What your days will look like: As the Information Security Risk Manager, your role is to drive risk management activities to help identify and reduce the risks related to information security associated with technology used within the firm. Establish a robust information security risk management framework along with clear policies and procedures to provide visibility of aggregated risk at the enterprise / executive level through analysis and reporting. Drive the implementation of risk mitigation strategies by collaborating closely with leadership, internal risk teams, and other stakeholders to ensure alignment with strategic objectives, fostering a culture of risk-awareness, enhanced communication and informed decision-making. Prioritise activities by organisational risk and criticality to align risk management with business goals and enhance operational resilience. Focusing on high-impact areas to ensure efficient resource allocation and providing leadership with a comprehensive risk perspective. Collaborate with senior stakeholders for insights on existing and emerging technologies like GenAI, offering strategic updates and impact assessments for informed decision-making. This role is for you if: Strong communication and influencing skills to assist, inform, and build relationships with stakeholders in both the business and support teams, to enable effective information security activities and processes aligned to the firm’s security strategy. Bring high energy and thrive on helping people to solve problems, stakeholder management/customer service outlook - working with business teams to achieve positive outcomes. Inquisitive nature and intuition regarding what questions to ask, when, and their relative significance. Excellent time management skills, balancing working efficiently on your own and contributing as part of a wider team - prioritising and recognising when to escalate to management An interest in PwC’s business model, service offerings, and business operating environment as it pertains to the firm’s threat landscape. Ideal Experience & Qualifications: Previous proven management experience in an information security risk management role. Formal certifications / qualifications in Information Security (CISSP, CISM, CRISC, CompTIA Security+). Extensive knowledge of risk assurance frameworks essential, such as ISO 31000; NIST CSF; ISO 27001 Knowledge of technical security principles highly desirable Broad understanding of technology and how security is applied to technology in a large enterprise setting Experience at an enterprise, global company or big four firm is desirable Strong data manipulation and visualisation skills (PowerBI, Alteryx, Excel). What you’ll receive from us: No matter where you may be in your career or personal life, our benefits are designed to add value and support, recognising and rewarding you fairly for your contributions. We offer a range of benefits including empowered flexibility and a working week split between office, home and client site; private medical cover and 24/7 access to a qualified virtual GP; six volunteering days a year and much more. We offer a range of benefits including empowered flexibility and a working week split between office, home and client site; private medical cover and 24/7 access to a qualified virtual GP; six volunteering days a year and much more. Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Azure Data Factory, Coaching and Feedback, Communication, Creativity, Cybersecurity, Cybersecurity Governance, Data Architecture, Data Archiving, Data Flow Mapping, Data Privacy Act, Embracing Change, Emotional Regulation, Empathy, Enterprise Content Management, Incident Response Plan, Inclusion, Information Rights Management (IRM), Information Security, Information Security Governance, Information Security Management System (ISMS), Intellectual Curiosity {+ 16 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date Are you ready to make a difference? Want to unlock new value by applying your unique perspective and talents? You can grow exponentially at PwC. Here, you can uncover hidden talents, build lifelong relationships rooted in trust and empathy and turn challenges into opportunities for innovation. We’ll help you grow your skills through challenging, meaningful work so you can go further.