Manager - Cyber Regulatory Compliance - Risk Assurance
Line of Service
Not Applicable Specialism
Conduct and Compliance Management Level
Manager Job Description & Summary
A career within Risk Assurance Compliance and Analytics services, will provide you with the opportunity to assist clients in developing analytics and technology solutions that help them detect, monitor, and predict risk. Using advanced technology, we're able to focus on establishing the right controls, processes and structures for our clients to ensure that decisions are based on accurate information and assure that information provided to third parties is accurate, complete, and can be trusted.
Our regulatory compliance practice is one of the fastest growing team within PwC Cyber. Our teams leverage the subject matter experts within the Cyber practice (e.g., Cloud team) to innovate and change how we perform regulatory compliance work through the use of innovative tools. PwC Cyber also operates a wide variety of cyber security operations (e.g., cloud, SecDevOps, offensive security, incident response, security operations center, threat intelligence, etc.) - Successful candidate will be exposed to working in a dynamic team of subject matter experts with different skillsets.
To really stand out and make us ﬁt for the future in a constantly changing world, each and every one of us at PwC needs to be an authentic and inclusive leader, at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.
Our team helps business leaders protect and manage their risk related to information regarding technology, people, systems, processes, culture, and physical surroundings. We help clients' understand their current capability and develop a plan to target cyber security investment, helping to respond to actual cyber incidents, and advising on legal issues related to breaches, data privacy, and protection.
As a Manager, you will be leading our cyber technology risk team , helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:
- Take action to ensure everyone has a voice, inviting opinion from all.
- Establish the root causes of issues and tackle them, rather than just the symptoms.
- Initiate open and honest coaching conversations at all levels.
- Move easily between big picture thinking and managing relevant detail.
- Anticipate stakeholder needs, and develop and discuss potential solutions, even before the stakeholder realizes they are required.
- Develop specialized expertise in one or more areas.
- Advise stakeholders on relevant technical issues for their business area.
- Navigate the complexities of global teams and engagements.
- Build trust with teams and stakeholders through open and honest conversation.
- Uphold the firm's code of ethics and business conduct.
- Lead and build the practice.
Required skills/ experience:
- University degree majoring in accounting, information systems or business related subjects
- Relevant professional qualifications such as certification holders (e.g., CISSP, CISA, CISM, ISO27001 Lead Auditor, Cobit, Azure / AWS, CEH, OSCP, etc.) is preferred
- Minimum of 8 years of relevant experience with a reputable international accounting/consulting firm or multi-national financial services organisation (candidates with less years of experience will be considered for Manager positions)
- Practical experience in management and leading team of consultants
- Practical experience in two or more of the following: regulatory advisory, internal controls, risk management, operational / technology risk management, business & system processes review, internal audit, corporate governance and business consulting;
- Practical experience in one or more of the following industries:
- Asset management (working knowledge of distribution channels, controls and processes - prime brokerage, fund administration, fund management (retail, institutional, and/or real estate / private equity, etc.))
- Banking and capital markets (working knowledge of client on-boarding / KYC / AML / product suitability and other regulatory compliance, front office activities in products / sales channels, middle and/or back office control, operational / technology risk management - commercial banking, private banking, investment banking)
- Insurance (working knowledge of underwriting, claims, reserving, Solvency II, policy administration systems - general or life insurance)
- Experiences understanding and leveraging well known cyber security controls framework such as NIST Cybersecurity Framework, HKMA C-RAF, etc.
- Knowledge and experiences in performing regulatory compliance assessment to address requirements issued by the HKMA (TM-E-1, TM-G-1&2, SA-2, SVF, remote account opening), SFC (cybersecurity, IT risk management and remote account opening) and Insurance Authority (cybersecurity and outsourcing)
- Knowledge in performing audit or pre-audits over compliance framework such as SOC2/3, ISO27001, etc.
- Experience with IT risk / technology risk management and three line of defense
- Understanding / experiences on emerging technology such as Cloud, eKYC, etc. Other FinTech related experiences also desired and welcomed.
- Understanding of common cyber security technologies, architecture and processes including cloud security, zero-trust, DLP, IAM, SOC, Offensive Security, Digital Forensics and Incident responses
- Ability to identify and assess business process controls and linkage to IT systems;
- Excellent communication skills in English and Chinese (candidates with Mandarin skills preferred);
- Advanced report writing skills in English and Chinese;
- Flexible, self-starter possessing intellectual curiosity;
- Ability to interact with executive levels of client and firm management;
- Effective time management and project management, interpersonal and influencing skills are essential; and Flexibility to travel to out-of-town engagements
The PwC China (including Mainland China, Hong Kong, Macau) does not accept unsolicited resumes from search firm recruiters. Fees will not be paid in the event a candidate submitted by a recruiter without an agreement in place is hired; such resumes will be deemed the sole property of PwC China (including Mainland China, Hong Kong, Macau). PwC China (including Mainland China, Hong Kong, Macau) is an equal opportunity employer. All aspects of employment will be based on merit, competence, performance, and business needs. We do not discriminate on the basis of race, color, religion, marital status, age, national origin, ancestry, physical or mental disability, medical condition, pregnancy, genetic information, gender, sexual orientation, gender identity or expression, veteran status, or any other status protected under the local law. Education
(if blank, degree and/or field of study not specified)
Degrees/Field of Study required:
Degrees/Field of Study preferred: Certifications
(if blank, certifications not specified) Desired Languages
(If blank, desired languages not specified) Travel Requirements
Up to 60% Available for Work Visa Sponsorship?
Yes Government Clearance Required?
No Job Posting End Date