About the role
AI summarisedJoin PwC's Risk Services – Technology Risk Services team to advise clients on building trust and turning complexity into competitive advantage. This dual-reporting role focuses on leading Cybersecurity Exercises and conducting CII Risk Assessments for clients across various sectors, helping them manage and mitigate cyber risks to essential services.
ConsultingOnsite
Key Responsibilities
- Lead the end-to-end conduct of cybersecurity exercises, including pre-sales, planning, scenario development, and reporting.
- Conduct current state discovery regarding client technology infrastructure, cyber resilience programs, incident response plans, and playbooks.
- Design relevant exercise scenarios aligned with the client's specific environment and context.
- Facilitate exercises, acting as both the exercise facilitator and technical advisor to scenarios.
- Conduct post-exercise debriefs and after-action review workshops, developing comprehensive exercise reports with actionable recommendations.
- Lead and manage CII risk assessment engagements from scoping through execution and final reporting.
- Identify and assess cyber risks to Critical Information Infrastructure, including threats, vulnerabilities, and potential impact on essential services.
- Review and evaluate the adequacy of CII owners' cybersecurity policies, processes, and technical controls against regulatory requirements.
Requirements
- Proven experience in cybersecurity risk management or assurance.
- Ability to conceptualize, design, and execute high-stakes cybersecurity exercises.
- Expertise in conducting risk assessments for Critical Information Infrastructure (CII).
- Strong understanding of Singapore's regulatory requirements concerning essential services.
- Ability to collaborate with Directors and cross-functional teams on dual workstreams.
- Excellent presentation skills for tailoring reports to various stakeholder audiences.