PwC India
Website:
pwc.in
Job details:
Line of Service
Advisory
Industry/Sector
Not Applicable
Specialism
Microsoft
Management Level
Senior Associate
Job Description & Summary
At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.
Those in application security at PwC will be responsible for providing security services to development teams including code scanning, readiness testing, and penetration testing to enable application teams to build and deploy secure applications in Production. You will utilise a risk-based methodology and "shift-left" approach to engage early in the software development lifecycle.
*Why PWCAt PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us.At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. "
Responsibilities:
● Work with Risk Reviewers to ensure tickets are being processed accurately and efficiently
● Work with Consultation Services Architects to identify gaps in compliance and determine inherent risk, mitigating factors, and residual risk
● Collaborate with other AppSec subpillar teams to ensure relevant processes are completed as necessary and in good standing to support AR disposition
● Interface with customers to provide guidance relevant to AppSec requirements
● Escalate risks and other concerns to Application Readiness Regional Leads, BISOs, CISOs, and other relevant stakeholders
● Interface with a number of other NIS service providers, such as Policy, TPRM, Issues Management, Threat Management
● Provide disposition on tickets and publish other deliverables as applicable
Skills Needed:
● Strong communication skills
● Strong English written and verbal skills
● Customer service skills to create a exceptional customer experience
● Strong organizational and time management skills to support multiple concurrent reviews
● People leadership skills to provide oversight of Risk Reviewers, coaching and mentoring in an informal fashion
● Self- Awareness
● Ability and confidence to exercise professional skepticism with soft skills to do so with diplomacy
● Knowledge of the Information Security Policy, Application Readiness Standard, and applicable supporting Standards
● Ability to assess whether a control is 'met' or 'not met' (black and white)
● Ability to navigate the grey when a control does not meet the letter of the control
● Ability to review documentation analytically, and assess control compliance based on information/ documentation provided.
● Ability to evaluate complex data and determine whether data can be used to support the reviews being conducted
● Ability to pull facts and details related to controls from different types of documentation and diagrams submitted
● An understanding of when and how to escalate
Skill and Experience:
● Good understanding of Application IT Security Standards, on-premise as well as cloud-based.
● Good understanding of risk management and experience with identifying and assessing potential information security risks.
● Good understanding and exposure to technical risk assessment along with vulnerability assessment and penetration testing.
● Strong communication skills and the ability to provide risk guidance, inform management about potential risk issues, and relay information about policy requirements effectively
● Proper Experience in coordination of issue tracking, Follow-Ups, communication skills in a global environment.
Desired Certifications: (not mandatory)
● CISSP / CISM /CISA / CCSK / CCSP / CRISC "
Mandatory Skill sets:
VAPT
Preferred Skill sets:
VAPT
Years of Experience Required:
NA
Education Qualification:
NA
Required Skills
WAPT Pro
Optional Skills
Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Application Security, Application Security Assessment, Azure Data Factory, Cloud Application Development, Cloud Security, Coding Standards, Communication, Creativity, Cybersecurity, DevOps Practices, Embracing Change, Emotional Regulation, Empathy, Endpoint Security, Forensic Investigation, Hosting Controllers, Inclusion, Information Security, Intellectual Curiosity, Learning Agility, LoadRunner (Software Testing Tool) {+ 30 more}
Desired Languages (If blank, desired languages not specified)
Travel Requirements
Available for Work Visa Sponsorship?
Government Clearance Required?
Job Posting End Date
April 2, 2026
Click on Apply to know more.