AC Manila - ISMS Senior Associate

At PwC, our people in risk and compliance focus on maintaining regulatory compliance and managing risks for clients, providing advice, and solutions. They help organisations navigate complex regulatory landscapes and enhance their internal controls to mitigate risks effectively. Those in enterprise risk management at PwC will focus on identifying and mitigating potential risks that could impact an organisations operations and objectives. You will be responsible for developing business strategies to effectively manage and navigate risks in a rapidly changing business environment.

Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn’t clear, you ask questions, and you use these moments as opportunities to grow.

Skills

Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:

• Respond effectively to the diverse perspectives, needs, and feelings of others.
• Use a broad range of tools, methodologies and techniques to generate new ideas and solve problems.
• Use critical thinking to break down complex concepts.
• Understand the broader objectives of your project or role and how your work fits into the overall strategy.
• Develop a deeper understanding of the business context and how it is changing.
• Use reflection to develop self awareness, enhance strengths and address development areas.
• Interpret data to inform insights and recommendations.
• Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firms code of conduct, and independence requirements.
  
  

The Opportunity

When you join PwC Acceleration Centers (ACs), you step into a pivotal role focused on actively supporting various Acceleration Center services, from Advisory to Assurance, Tax and Business Services. In our innovative hubs, you’ll engage in challenging projects and provide distinctive services to support client engagements through enhanced quality and innovation. You’ll also participate in dynamic and digitally enabled training that is designed to grow your technical and professional skills.

As part of the Information Security Management Systems team you will implement, maintain, and enhance clients’ Information Security Management Systems aligned with ISO/IEC 27001 and related standards. As a Senior Associate, you will analyze complex problems, mentor junior team members, and build meaningful client relationships while navigating the intricacies of cybersecurity consulting. This role offers the chance to work with diverse clients, develop strategic security recommendations, and contribute to a culture of continuous improvement within a dynamic and inclusive environment.

Responsibilities

• Evaluate information security management systems for effectiveness
• Identify vulnerabilities and recommend corrective actions
• Collaborate with cross-functional teams to enhance security measures
• Guide team members in recommended practices for data protection
• Conduct audits to confirm compliance with security standards
• Stay informed on emerging threats and industry trends
• Develop training materials to promote security awareness
• Analyze security incidents to improve response strategies
  
  

What You Must Have

• Bachelors Degree
• 4 years of experience in Information Security or IT Risk Consulting
• Oral and written proficiency in English required
  
  

What Sets You Apart

• Bachelors Degree in Information Technology, Computer Science, Cybersecurity preferred
• ISO 27001 Lead Implementer / Lead Auditor preferred
• CISA / CISM / CISSP certifications preferred
• ITIL Foundation or COBIT certification preferred
• Data Privacy certification preferred
• Excelling in analytical and problem-solving skills
• Translating technical issues into business language
• Managing projects and engaging clients effectively
• 3–6 years in ISMS implementation, auditing, or information security governance

---