Information Security Risk & Government Manager in London

Our vision for the PwC Network, fuelled by our Purpose, is to be the most trusted and relevant professional services business in the world - one that attracts the best talent and combines the most innovative technologies, to help organisations build trust and deliver sustained outcomes. PwC continues to invest in cyber security capabilities to protect our business and our clients. Within CISO Governance, Risk & Compliance (GRC) team acts as a trusted risk advisor to the UK business by providing guidance on cybersecurity stakeholders to implement effective security measures to mitigate risks and protect the firm's interests.

What your day will look like:

• As a Manager in our Office of the CISO, your role is to drive risk management and reduction activities to help identify and reduce the risks related to information security associated with technology used within the firm.
• Support the creation of a comprehensive information security risk management framework and the implementation of mitigation strategies by collaborating with leadership and stakeholders to ensure enterprise-level risk visibility and strategic alignment.
• Collaborate with senior stakeholders for insights on existing and emerging technologies like GenAI, offering strategic updates and impact assessments for informed decision-making.
• Conduct regular risk assessments to continuously monitor risks, security threats, and vulnerabilities, ensuring the effectiveness of controls.
• Lead initiatives to ensure consistent security practices across G&HI projects.
• Provide recommendations and guidance covering the use of PwC IT systems and client data handling, ensuring security considerations are addressed, particularly where the use of offshore delivery models.
• Ensure compliance with technology requirements including PwC systems and laptops.
• Report and investigate security breaches, maintaining records and communicating with relevant G&HI leadership.
• Govern evaluations and assessments of information security risks and non-compliance, determining their potential impact and likelihood on the organisation.
• Respond pragmatically to challenging situations and lead risk remediation efforts to negotiate and balance risk with business imperatives, particularly within the UK firm.
• Build and manage relationships across a global network, effectively handling a matrixed organisation.
• Take ownership of team deliverables to ensure timely, quality-driven, and strategically valuable outcomes for the organisation.
• Participate actively in team activities, contributing to strategic projects, communications, process improvements, knowledge sharing, and fostering a positive work environment.

This role is for you if:

• Strong communication and influencing skills to assist, inform, and build relationships with stakeholders in both the business and support teams, to enable effective information security.
• Inquisitive nature and intuition regarding what questions to ask, when, and their relative significance.
• Excellent time management skills, balancing working efficiently on your own and contributing as part of a wider team - prioritising and recognising when to escalate to management.
• Must possess the following or an international equivalent: Formal certifications / qualifications in Information Security (CISSP, CISM, CRISC, CompTIA Security+).

What you’ll receive from us:

No matter where you may be in your career or personal life, our benefits are designed to add value and support, recognising and rewarding you fairly for your contributions. We offer a range of benefits including empowered flexibility and a working week split between office, home and client site; private medical cover and 24/7 access to a qualified virtual GP; six volunteering days a year and much more.