Cyber Security – Senior Associate at PricewaterhouseCoopers (PWC)

Job Description

(adsbygoogle = window.adsbygoogle || []).push({}); PricewaterhouseCoopers is one of Kenya’s leading professional services firms focused on providing Audit & Assurance, Advisory and Tax services. Our primary strategic goal is to create value for our clients and deliver a competitive advantage to their operations. Our blend of international and Kenyan expertise is fundamental to the high quality of advice and assistance that we offer. As elsewhere in the world, PricewaterhouseCoopers in Kenya uses the benefit of its hands-on experience to provide a strong level of local understanding and support, in accordance with the international professional standards of the PricewaterhouseCoopers worldwide organisation. With over employees we stand firm on our commitment to provide highly qualified professionals to assist private companies and public institutions with our first-hand knowledge and expertise-within Kenya and internationally.

Summary

Our Risk Assurance team helps clients improve the governance, risk management and compliance of their operations. This solutions-based service help clients solve a diverse set of structure, function, relevant business risks by utilizing our deep understanding of governance, risk management/ compliance, IT systems and internal controls in businesses. Working with leading clients across various industries, you will assist in the execution and management of engagements ensuring we deliver according to our objectives and add value to our clients.

Main Duties and Responsibilities of the Role

Conducting information security assessments using the company Methodology and leading practice frameworks and common standards. Conducting vulnerability assessment and penetration tests on infrastructure, networks, and web applications, and performing source code review; Assisting clients in managing and transforming their information security programs; Assisting clients in managing their business continuity and disaster recovery; Assisting clients in designing and implementing their identity and access management solutions; Assisting client in managing their information protection and data privacy; Evaluating and analysing threat, vulnerability, impact and risk to security issues discovered from security assessments; Advising clients on the IT security issues, including explanation on the technical details and how they can remediate the vulnerabilities in the systems; and Application control and security implementation, program and project delivery design, architecture and solution design. Assessing and implementing security and risk standards including ISO X, NIST, ITIL, COBIT Assessing, designing, managing, and reporting on enterprise security;

Requirements

Preferred skills

People management skills, ability to build partnerships, conducive team oriented working environment and provide coaching to the associates in the quest to add value to our clients. Technical expertise, having the knowledge and expertise of process and controls. Professional Ethics: Ability to maintain confidentiality and objectivity on assignments in line with PwC’s code of conduct. Excellent Work Ownership and or personal responsibility skills. Excellent communication skills, ability to receive, understand and respond to communications verbally and writing to all levels in organizations. The ability and willingness to travel within the Country and Africa where the project dictates.

Minimum years experience required

4-5 years of relevant experience in technical IT risk or an IT security role

Specialist Knowledge required for the role

Good understanding of cybersecurity frameworks particularly: MITRE, CIS and OWASP framework Solid understanding of governance, risk and audit concepts. Good understanding of IT audit principles and standards

Education Qualification 

Bachelor’s Degree or equivalent (Second Class Honors and above) from a Higher Education Board accredited institution. Bachelor’s Degree in Informatics, Computer Science, Information Technology, Information Science, Engineering or related field.

Additional application instructions

Preference shall be given to the candidates having either of the following qualifications: CEH, CISSP and LPT. CISA/ CISM/ CCNA

Personal attributes required for the role

Project management skills, ability to solve problems with personal flexibility to meet changing client or business expectations. Excellent team leadership, interpersonal and collaboration skills Strong verbal, presentation and report writing skills Good coaching skills, ability to mentor other / less experienced staff members. Client management, ability to build and maintain excellent client relations. Awareness of current / emerging market trends and issues

Other Desirable attributes:-

Ensures % compliance to Learning and methodology matters Ensures % compliance to Risk and Quality matters