Who are we?
PwC’s Operate delivers operational and managed services solutions to clients across a range of situations often associated with their regulatory, risk and/or compliance agendas. Our teams work across a breadth of sectors and industries including: Financial Services, Oil & Gas, Automotive and Social Media. We bring together regulatory insight, highly skilled operational resources and an unrivalled technology offering to provide a high quality and cost effective solution to operational delivery challenges.
Our capabilities stretch across a number of business pillars including Financial Crime Operations, Compliance Testing, Technology Solutions and Customer Management. We have over 2,000 people located in our purpose built, secure delivery centre in Belfast and across our regional offices in London, Manchester, Cardiff, Glasgow and Edinburgh; as well as on a range of client sites.
About the role
As a Third Party Senior Associate, your role is to work on Third Party Risk Management (TPRM) engagements to help identify and reduce the risks associated with using third parties. You will work alongside clients from a variety of industries, granting insight into the third parties they use and the safeguards they have in place. You will use your experience to coach others across your team, driving knowledge sharing, alignment and quality output. We are looking for self-motivated and experienced information security individuals with experience in performing third party risk management activities.
Your key responsibilities will be:
Liaise with key stakeholders to gather information on relevant third parties, determining scope of assessment.
Perform segmentation to effectively organise and manage third party populations, prioritising vendors based on criticality and risk posed to the organisation.
Conduct outreach and due diligence assessments for new and existing vendors.
Review completed assessments and third party evidence. Assess adherence to contractual agreements, industry standards and laws and regulations.
Apply knowledge of Information Security, Data Privacy and Compliance principles, and Third Party Risk Management processes.
Evaluating Control Environments and conducting design effectiveness testing over policies and procedures.
Identify areas of risk and non-compliance. Evaluate impact of risk on the organisation e.g. if a risk was exploited, what would be the financial or reputational impact.
Negotiate the remediation of the identified risks with the organisations.
Create risk reports, reporting identified risks to senior stakeholders. Support remediation of risk, manage and track identified risks until closure.
Monitor and maintain personal Key Performance Indicators (KPIs), ensure targets and deadlines are met.
Collaborate with colleagues across your wider team to drive ideas and solutions. Work to align processes and procedures, driving consistency across Technology Risk.
Assist with the development and implementation of project documentation and guidance.
Support others through coaching and share key knowledge. Conduct shadowing sessions and perform peer review.
Who are we looking for?
We are looking for highly-motivated individuals who will play a vital role in setting quality standards for their team by sharing knowledge and following best practices to deliver a quality service for our clients.
xperience working within Third Party Risk Management.
Knowledge of information risk and compliance principles. Broad understanding of security technology and related risk and compliance issues.
Excellent written and verbal communication skills.
Ability to build relationships with various stakeholders and adapt communication style appropriately.
Ability to adapt to new or changing processes quickly whilst planning and prioritising own workload to meet deadlines and targets.
Proficiency with Microsoft Office Suite.
Understanding of business and commercial metrics.
Ability to apply a risk-based approach across third party due diligence assessments
Knowledge of Information Security Standards such as ISO 27001 and SOC.
Knowledge of reporting and workflow Tools such as Azure Dev Ops and PowerBI.
Experience managing and tracking remediation population.
Experience in quality reviewing and testing work of others to ensure high quality standards and client expectations are met.
Relevant security related certification (e.g. CISA, CISSP, CISM, Security+)
What is in it for you?
This is a challenging but rewarding role, directly influencing team members to achieve our strategic growth ambitions. You will also be given the opportunity to employ your skills across a broad range of global client programmes. We’re also exceptionally passionate about providing you with the necessary skills, experience and training to help you develop both personally and professionally. You’ll therefore be included on our specific training framework, tailored to match your skills, needs and career aspirations. Fully funded by us, you’ll complete externally accredited qualifications that will benefit you in the roles you are working in. Our training programme is further enhanced through a variety of softer skills training sessions focusing on your relationships and leadership skills.
In addition to the client projects and training, our employees are also rewarded with various other benefits offered as part of your employment:
Our dedicated internal Careers Service.
Competitive salary plus a potential discretionary bonus (performance related)
25 days standard holiday pro rata, with options to increase this through your benefits package
A flexible benefits scheme that can be tailored to suit your (and your family’s) needs. Provision of a group pension plan with additional funding provided by PwC
Where will you be based?
The role will be based in Belfast; however as a result of the wide variety of clients and projects, you may be asked to work in other locations within the UK and beyond, sometimes at short notice and sometimes over lengthy periods of time. Your desire and ability to do this will be discussed as part of the recruitment process. Candidates who are unable or do not wish to work on projects in other locations will still be considered.
Not the role for you?
Did you know PwC offer flexible contract arrangements as well as contingent work (ie temporary or day rate contracting)?
The skills we look for in future employees
All our people need to demonstrate the skills and behaviours that support us in delivering our business strategy. This is important to the work we do for our business, and our clients. These skills and behaviours make up our global leadership framework, ‘The PwC Professional’ and are made up of five core attributes; whole leadership, technical capabilities, business acumen, global acumen and relationships.
Learn more here:
We want all of our people to feel empowered to be the best that they can be, which is why we have ‘The Deal’.
Find out more about our firmwide Employee Value Proposition:
Valuing Difference. Driving Inclusion.
We work in a changing world which offers great opportunities for people with diverse backgrounds and experiences. We seek to attract and employ the best people from the widest talent pool because creating value through diversity is what makes us strong as a business, enabling us to solve important problems and deliver value to our clients. We encourage an inclusive culture where people can be themselves, are valued for their strengths and are empowered to be the best they can be. As an organisation with an increasingly agile workforce, we also support different ways of working offering flexible working arrangements. Learn more here about our work to support an inclusive culture.