SRC_Cyber Resilience_Senior Associate

At PwC, our people in risk and compliance focus on maintaining regulatory compliance and managing risks for clients, providing advice, and solutions. They help organisations navigate complex regulatory landscapes and enhance their internal controls to mitigate risks effectively. As a risk management generalist at PwC, you will provide advisory and practical support to teams across a wide range of specialist risk and compliance areas.
Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isnt clear, you ask questions, and you use these moments as opportunities to grow.
Skills
Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:

• Respond effectively to the diverse perspectives, needs, and feelings of others.
• Use a broad range of tools, methodologies and techniques to generate new ideas and solve problems.
• Use critical thinking to break down complex concepts.
• Understand the broader objectives of your project or role and how your work fits into the overall strategy.
• Develop a deeper understanding of the business context and how it is changing.
• Use reflection to develop self awareness, enhance strengths and address development areas.
• Interpret data to inform insights and recommendations.
• Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firms code of conduct, and independence requirements.
  

Overview
The Cyber Resilience Senior Associate will be responsible for developing and implementing cyber resilience strategies and programs, ensuring the resilience and continuity of IT systems. The ideal candidate should have a strong understanding of cyber resilience practices and standards, possess excellent communication and organizational skills, and be able to work independently as well as part of a team.
Key Responsibilities

• Create and enforce comprehensive business continuity and cyber resilience strategies to ensure clients operations can withstand and quickly recover from disruptions.
• Conduct thorough risk assessments and develop risk treatment plans to identify and manage vulnerabilities and potential threats to business operations and cyber resilience.
• Provide expert advice to clients on business continuity and cyber resilience, including policy development, risk assessments, and compliance strategies.
• Design and document IT Disaster Recovery (ITDR) policies and procedures, including Application Sensitivity Assessments (ASA) and Failure Mode and Effects Analysis (FMEA).
  
• Develop and implement Business Continuity and Disaster Recovery (BCDR) plans, Information Security Management Systems (ISMS), and enterprise risk management frameworks.
• Develop and execute incident response plans, ensuring rapid and effective recovery from cyber incidents and other disruptions.
• Develop and execute disaster recovery plans and runbooks and facilitate tabletop simulation exercises focusing on natural disasters and cyber threats.
• Manage all phases of disaster recovery testing initiatives, including planning, coordination, execution, and post-drill activities.
• Implement and oversee compliance monitoring, auditing, and remediation activities to ensure adherence to relevant regulations and best practices.
• Develop and deliver training programs for clients and internal teams to promote awareness and preparedness for business continuity and cyber resilience.
• Provide advisory services on the selection and implementation of Business Continuity Management (BCM) tools and the automation of BCMS processes.
• Contribute to practice enablement and business development activities (development of SOWs, RFPs in alignment to clients requirement, etc.)
• Drive initiatives to develop innovation quotient (publishing whitepapers, help develop business case for an innovative technical idea to seek investments, point of view, etc.)
  

Position Requirements

• In-depth understanding of cyber resilience principles, business continuity, and disaster recovery frameworks.
• Knowledge of network security/hardening, whitelisting, and cybersecurity best practices.
• Proficiency in conducting risk assessments and developing IT Disaster Recovery plans and procedures.
• Good knowledge of cybersecurity principles, theories, and techniques.
• Knowledge of relevant standards and regulations, including ISO 27001, ISO 22301, NIST SP 800-61, and the Digital Operational Resilience Act (DORA).
• Experience working with frameworks such as MITRE ATT&CK, NIST, and SANS Incident Response.
• Understanding of information security management systems (ISMS) and enterprise risk management (ERM) practices.
• Experience in creating and maintaining Business Continuity Plans (BCPs), Crisis Management Plans (CMPs), and IT Disaster Recovery (ITDR) plans.

Looking to get Placed? Try our Placement Guarantee Plan

Get Hired
• Demonstrate application of business acumen while leveraging technologies.
  

Desired Knowledge

• Relevant certifications such as ISO 22301, Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM) are highly desirable.
• Excellent leadership, teamwork, and collaboration skills.
• Practical experience in conducting business continuity and cyber resiliency testing and simulations.
• Proficient in security operations, particularly in handling security incidents, cyber threat intelligence, and proactive threat hunting.
• Hands-on experience with cyber defense security technologies, including SIEM, security detection platforms (IPS/IDS), and EDR/XDR (defense-in-depth).
• Experience working with cloud platforms such as AWS, Azure, or GCP.
  

Years Of Experience
Minimum of 3-8 years of experience in business continuity, cyber resilience, or a related field. Experience in a consulting environment is highly desirable.
Professional and Educational Background
BE / B Tech / MCA / MS / MBA (Field of Study: Computer and Information Science, Information Cybersecurity, Information Technology, Management Information Systems).
Additional Information

• Travel Requirements: Not Applicable
• Line of Service: Advisory
• Industry: Consulting
• Location: Bangalore, Hyderabad, Mumbai, Kolkata, Chennai, Pune