Risk, Quality and Compliance Lead
About The Position
At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. The Client Security Officer (CSO) acts as a trusted advisor, ensuring clients’ security posture aligns with evolving threats, regulatory requirements, and business priorities. The role combines consulting experience, technical oversight, and client relationship management to deliver high-value security outcomes. The CSO Manager role is focused on cybersecurity strategy and implementation, with strong expertise in Managed Security Services Provider (MSSP) models. The Opportunity: As a Risk, Quality and Compliance Lead, unlock your potential and embrace the chance to drive meaningful outcomes that’ll elevate your career. Your role will include, but isn’t limited to: Responsibility for ISMS implementation and operations Conduct periodical reviews of the established ISMS and identify gaps and nonconformities Monitor, measure, evaluate, and continually improve the ISMS Approve key ISMS documents and communicate them to relevant users Define control owners and participate in control design Monitor control effectiveness across the organization Conduct periodical compliance and effectiveness assessments of the ISMS Manage remediation of ISMS gaps and nonconformities Liaise with corresponding teams to provide necessary evidence Report on ISMS status to the ISMS Owner and ISMS Committee Coordinate ISMS-related incidents Communicate ISMS-related topics across all ISMS team members
Requirements
- Professional knowledge of ISO 27000 standards
- Professional knowledge of ISO 27001 implementation and auditing processes
- Knowledge of Risk Assessment and Treatment methodologies (e.g. ISO 27005, IRAM2, OCTAVE)
- Knowledge of business continuity and disaster recovery management
- Knowledge of information security regulations and standards
- Knowledge of ICT and security architecture
- Knowledge of project management concepts
- 3+ years of experience in management of cybersecurity and ISO 27001/ISMS
- Proven experience with development and management of ISMS
- Experience with project management and team organization
Nice To Haves
- Certified Information Security Manager (CISM)
- Certified in Risk and Information Systems Control (CRISC)
- Certified Information Systems Security Professional (CISSP)
- ISO/IEC 27001 Lead Implementer / Lead Auditor
- Certified Information Systems Auditor (CISA)
Responsibilities
- Responsibility for ISMS implementation and operations
- Conduct periodical reviews of the established ISMS and identify gaps and nonconformities
- Monitor, measure, evaluate, and continually improve the ISMS
- Approve key ISMS documents and communicate them to relevant users
- Define control owners and participate in control design
- Monitor control effectiveness across the organization
- Conduct periodical compliance and effectiveness assessments of the ISMS
- Manage remediation of ISMS gaps and nonconformities
- Liaise with corresponding teams to provide necessary evidence
- Report on ISMS status to the ISMS Owner and ISMS Committee
- Coordinate ISMS-related incidents
- Communicate ISMS-related topics across all ISMS team members
Benefits
- competitive compensation package
- inclusive benefits
- flexibility programs
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
