Business Information Security Officer (BISO), Global

PwC•Vancouver, BC

About The Position

The Global Network Information Security (NIS) team at PwC is searching for a talented security and technology professional to fulfill the role of Business Information Security Officer (BISO). Operating on a local, regional, and global scale, NIS is responsible for defining our security strategy and executing our global Cyber Readiness and Zero Trust Programs, transitioning from predominantly local to centralized services. If you are seeking an exciting opportunity with the scope to grow your cybersecurity career through major change on a global scale, then NIS will empower you to do so. NIS built the first global cybersecurity function at PwC. Our mission protects 300,000 PwC members across 150 member firms worldwide as well as our global clients. As a Business Information Security Senior Associate, Global, unlock your potential and embrace the chance to drive meaningful outcomes that’ll elevate your career. This position ensures continuity and upholds our standards of excellence following the departure of a valued team member.

Requirements

Progressive experience in a professional environment in roles involving information security and/or tech/digital management
Strong verbal and written communication skills and the ability to effectively convey complex security concepts to non-technical stakeholders
Develop knowledge of firm priorities, Network Information Security concepts, principles, and standards and their application in a large enterprise environment
Understanding of information security and technology including emerging trends in cloud computing, AI, and others – and the unique challenges and risks posed by them
Active and regular engagement with territory stakeholders communicating global NIS priorities, programs, and cyber thought leadership
Understanding of regulatory, legislative, and client security requirements, and the technology systems and methods that are available to address them

Nice To Haves

Knowledge of security attestations & certifications, preferably ISO 27001, NIST or SOC2

Responsibilities

Develop new skills outside of your comfort zone
Act to resolve issues which prevent the team from working effectively
Act as a subject matter expert, navigating competing priorities and managing adversity
Drive escalations and seek consensus on addressing issues across local/global stakeholders
Work collaboratively with and motivate others to recognize their strengths and elevate the team
Analyze complex ideas or proposals and build a range of meaningful recommendations
Use multiple sources of information, including broader stakeholder views, to develop solutions and recommendations
Identify and address risks that do not meet the firm's expectations and use data and insights to inform conclusions and support decision-making
Maintain a point of view on key global trends, and how they impact technology strategy
Simplify complex messages, highlight and summarize key points, and uphold the firm's code of ethics and business conduct
Manage security projects, including planning, execution, and monitoring
Act as key participant for cyber incidents, hygiene, and service escalations
Guide local security requests through global compliance processes and assess residual risk
Work with global and local territory stakeholders on key projects and initiatives
Communicate global NIS priorities, programs, and cyber thought leadership
Build and maintain relationships across the network to effectively deliver security activities
Manage multi-functional relationships and collaborating with multiple stakeholders across functional and technical skillsets to identify, build and maintain security capabilities or controls
Identify issues with security governance and make process efficiency improvements
Work closely with and support NIS/local IT/OGC/HC on timely escalations