PwC NIS Risk and Compliance Senior Associate in McLean, Virginia

PwC/LOS Overview

PwC is a network of firms committed to delivering quality in assurance, tax and advisory services.

We help resolve complex issues for our clients and identify opportunities. Learn more about us at

At PwC, we develop leaders at all levels. The distinctive leadership framework we call the PwC Professional ( provides our people with a road map to grow their skills and build their careers. Our approach to ongoing development shapes employees into leaders, no matter the role or job title.

Are you ready to build a career in a rapidly changing world? Developing as a PwC Professional means that you will be ready

  • to create and capture opportunities to advance your career and fulfill your potential. To learn more, visit us at

It takes talented people to support the US firm of the largest professional services organization in the world. Not all of us work directly with external clients. Some of our best people choose to apply their talents inside PwC.

As part of Internal Firm Services, you're serving an organization on par with many of our external clients. Our Internal Firm Services team consists of first-rate marketers, human resource professionals, computer technologists, knowledge managers, accountants, financial planners, administrators and leaders. Internal Firm Services staff are the people who make it work for the people who make it work for our clients.

Job Description

The PwC Member Firm Information Security team is responsible for providing comprehensive information security services and routine coordination internally to PwC. The team works closely with engagement teams across the member firm on information security matters and coordinates with other functional groups as needed.

The team provides advice and informs engagement and member firm/line of service teams about various contractual requirements and government laws and regulations as they pertain to information security.

The team leverages functional expertise to help client service teams solve problems.

Position/Program Requirements

Minimum Year(s) of Experience: 2

Minimum Degree Required: High School Diploma or GED

Degree Preferred: Bachelor's degree

Knowledge Preferred:

Demonstrates thorough knowledge of, and/or proven record of success in, firm priorities, Network Information Security concepts, principles and standards and their application in a large enterprise environment, preferably for a global network of professional services firms, with emphasis in the following areas:

  • Understanding and leveraging information security policy and procedure development and maintenance (including security awareness and role-based security training);

  • Performing and maintaining formalized risk assessments;

  • Maintaining Insider Threat Awareness training process;

  • Implementing and overseeing a compliant Risk Management Strategy;

  • Providing insight to overall security strategies and evaluating organizational progress towards agreed upon goals, and finding solutions to complex issues in order to maintain timelines and achieve project success;

  • Developing and maintaining information security training and development programs;

  • Creating and maintaining effective business relationships;

  • Writing, communicating, facilitating and presenting cogently; to and/or for all levels of audiences, and internal staff and management;

  • Developing team building skills that foster an inclusive and collaborative environment for stakeholders and team members; and,

  • Collaborating with team members to create an atmosphere of trust, seeking diverse views to encourage improvement and innovation, answering questions and providing direction to less-experienced staff, coaching staff including providing timely meaningful written and verbal feedback.

Skills Preferred:

Demonstrates thorough abilities, and/or proven record of success, supporting and/or coordinating Information Security Governance, preferably for a global network of professional services firms or matrixed environment, with emphasis in the following areas:

  • Identifying and addressing leadership and stakeholder needs;

  • Collaborating effectively with all levels of stakeholders and project resources to gather information for various project management activities, adapting strategy as needed;

  • Leveraging creative thinking, problem solving, and technology (i.e., MS Office Suite, Lotus Notes, Google at Work and other firm-sponsored technologies) to develop deliverables and analyses;

  • Working independently on projects, influencing line manager by providing project and operational planning and implementation; and,

  • Keeping team and leadership informed on progress and or issues affecting deliverables and/or the department.