Security Architect - Senior Associate

The Security Architecture team works closely with our innovation and technology teams across the business as an enabler to integrate security in their programmes of work by providing advice and guidance on technology being developed by PwC teams.

The team identifies new opportunities to improve the Firm and global Network's information security protection by designing and influencing the complex set of internal security services that reduce PwC's risk. The Security Architecture team provides the expertise to accelerate innovation and emerging technology to enable us to deliver maximum value to the PwC UK firm and our clients., As a Security Architect within the UK CISO function, you will work primarily with internal stakeholders in a non-client facing role. You will be responsible for providing security architecture and technical expertise in support of the UK CISO's strategic goals and to enable the UK firm's technology enablement strategy. This will include:

• Supporting business teams to design secure technology solutions aligned to the strategy of the global Network of PwC member firms.

• Engaging business and technology stakeholders at all levels of seniority and specialism to gather their goals and requirements

• Performing architecture design reviews and threat modelling to identify potential risks

• Putting forward controls and mitigations that ensure PwC UK's data and reputation are protected

• Contributing to reference architectures to promote security by design

• Helping to evolve security governance and procedures used by both PwC UK and the global Network of member firms

• Supporting Senior Architects and taking an active role in impactful security projects and initiatives across all technology domains, with a current focus on Cloud and AI Security

• Assessing any risks associated with new technologies or proposed changes in recommended architectures and design patterns, and advising on important security-related technologies

• Contributing to the delivery of technology transformation programmes and global security initiatives

Do you have experience in Information security?, * Strong communicator, comfortable working with business teams and technical audiences with a passion and interest in the cyber security arena

• Able to build relationships and collaborate with a range of UK and global stakeholders including global information security experts, emerging technology specialists and risk teams

• Problem-solver who can prioritise and identify problems and exercise sound judgement to escalate when appropriate

• Ability to adapt and learn new concepts quickly and advocate/champion the principles of security best practice

• Broad understanding of technology and how security is applied to technology in an enterprise setting

• Inquisitive nature and intuition regarding what questions to ask, when, and their relative significance

• Ability to frame threats and exposures in a business context recognised by non-technical staff and executives

• High level understanding of PwC's business model, service offerings, and business operating environment as it pertains to the firm's threat landscape

Experience & Qualifications:

• 2-3 years in Information Security or adjacent roles (e.g., Security Engineering, Security Operations, Application Security)

• Foundational understanding of enterprise security concepts such as IAM, network security basics, encryption/key management, vulnerability management, application security, data security, etc

• Ability to read and produce basic architecture diagrams and write clear, concise security requirements

• Strong communicator, collaborative, curious and comfortable learning new technologies

• Cyber Security or Security Architecture certifications welcome from recognised institutions, e.g. ISC2, ISACA, CompTIA, SABSA, BCS, etc

• Exposure to at least one major cloud provider (Azure, AWS, GCP) and its core security services

• Domain landscape knowledge of governance and technical security principles

• Experience participating in design or change reviews

PwC provides services to 420 out of 500 Fortune 500 companies. The firm was formed in 1998 by a merger between Coopers & Lybrand and Price Waterhouse.