In today's changing environment, government agencies are seeing an increase in physical and cyber threats, financial and performance reporting requirements, diversity in the workforce, and the impact of rapidly changing technologies. Our growing Public Sector Advisory practice provides management consulting, technology consulting and risk consulting services to help government agencies anticipate and address their most complex challenges. Our Public Sector practice works with Federal, State and Local Governments as well as International Agencies on a range of complex matters. Additionally, our Junior Military Office program provides an opportunity for service members who excelled in their military career to continue serving their country through Public Sector consulting.
PwC's IT Security, Privacy & Risk Consultants are a team of business integrators with extensive consulting and industry experience who help our clients solve their complex business issues from strategy through execution. A PwC consulting career may provide the opportunity to grow and contribute in our IT Security, Privacy & Risk competency that we apply to our clients' business issues every day, including a collection of security spectrum capabilities, including security strategy and governance, IT risk, security technologies, and cybercrime and breach response.
Demonstrates proven thorough knowledge in security and related problem-solving to develop and provide client-focused solutions to complex problems for their end-to-end security architecture (holistic, enterprise-wide view) and related protections, including:
- Various phases of designing security solutions--conducting analyses, developing specifications, designing, constructing, testing and implementing information into prototypes and deliverables
-Security standards and testing tools and methods
-Security solutions across data leakage protection, encryption, tokenization, event management, anomaly detection, log monitoring, file integrity, mobile security, endpoint security, applications, firewalls, networks, and enterprise wide security management tools
Demonstrates proven thorough abilities and success with managing project and engagement workstreams within a progressive consulting environment and/or system security, controls or information security management environments, which include the following:
- Leading various aspects of full lifecycle delivery of information security related initiatives, including vision and strategy development, vendor selection, business use-cases, requirements gathering, solution analysis and development--designing, building, testing, deploying and activating.
- Identifying and addressing client needs by developing and sustaining deep client relationships using networking, negotiation and persuasion skills; preparing and presenting complex written and verbal materials; and defining resource requirements, project workflow and budgets.
- Leading teams to generate a vision, establish direction, motivate team members, create an atmosphere of trust, leverage diverse views, coach staff, and encourage improvement and innovation.
- Abstracting the solution architecture into different views and domains, apply critical thinking skills, technical ingenuity, creativity, and resourcefulness to establish viable security levels and standards.
-Utilizing oral and written communication skills when interfacing and collaborating with clients, peers, and management to develop solutions, emphasizing a client-based focus to understand and respond approptiately to business requirements.
-Integrating work across relevant areas, emphasizing the development of business and services to enhance customer satisfaction and productivity, manage risks and safety appropriately, development and execution business plans, manage information, and providing of exceptional service to internal and external customers.
-Exhibiting effective resource and project planning, decision making, results delivery, team building, and staying current with relevant technology and innovation.
Travel requirements: 100%
Minimum Years of Experience Necessary:
Minimum Degree(s) and Certification(s) Required:
Certified Information Systems Security Professional (CISSP) or other security certifications preferred
•Ability to relocate to Seattle, Washington
•Bachelors Degree required - Prefer Accounting or Information Systems Major
•2 - 5 years information technology (IT) assessment or auditing experience in the federal space to include: risk and controls assessments, information security assessments, external or internal audit, and IT governance, as well as Sarbanes-Oxley, A-123 and/or FISMA compliance
•Recent experience in performing FISMA and FedRAMP controls readiness or assessments
•Familiarity with cloud computing technology, security, and risks a plus
•CISSP a plus
•Secret or Top Secret Clearance preferred
Position-specific desired skills:
•Ability to travel roughly 30-40% around western US, and to Washington, DC
•Ability to deliver high quality, enterprise-wide, innovative services and solutions to large-scale clients
•Familiarity with assessing enterprise IT risks and making recommendations to enhance information assurance
•Experience identifying and testing IT general and application controls
•Experience working collaboratively with or leading engagement teams
•Excellent written and oral communication skills
•Demonstrated ability to work directly with clients and prepare/deliver presentations to senior officials
•Working knowledge of Office of Management and Budget (OMB), Government Accountability Office (GAO), National Institute of Standards and Technology (NIST), and other federal requirements and guidance