IT Services- Application Security Architect Senior Manager

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.

Those in application security at PwC will be responsible for providing security services to development teams including code scanning, readiness testing, and penetration testing to enable application teams to build and deploy secure applications in Production. You will utilise a risk-based methodology and "shift-left" approach to engage early in the software development lifecycle.

Growing as a strategic advisor, you leverage your influence, expertise, and network to deliver quality results. You motivate and coach others, coming together to solve complex problems. As you increase in autonomy, you apply sound judgment, recognising when to take action and when to escalate. You are expected to solve through complexity, ask thoughtful questions, and clearly communicate how things fit together. Your ability to develop and sustain high performing, diverse, and inclusive teams, and your commitment to excellence, contributes to the success of our Firm.

Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:

• Craft and convey clear, impactful and engaging messages that tell a holistic story.
• Apply systems thinking to identify underlying problems and/or opportunities.
• Validate outcomes with clients, share alternative perspectives, and act on client feedback.
• Direct the team through complexity, demonstrating composure through ambiguous, challenging and uncertain situations.
• Deepen and evolve your expertise with a focus on staying relevant.
• Initiate open and honest coaching conversations at all levels.
• Make difficult decisions and take action to resolve issues hindering team effectiveness.
• Model and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements., As part of the Cybersecurity team, you will lead the charge in enhancing application security and driving innovative solutions. As a Senior Manager, you will serve as a strategic advisor, leveraging your knowledge to deliver quality results while securing operational excellence in client interactions., * Lead initiatives to enhance application security across various platforms
• Develop creative solutions that address client needs and industry challenges
• Serve as a trusted advisor to clients, securing quality service delivery
• Collaborate with cross-functional teams to drive operational excellence
• Analyze security risks and implement impactful mitigation strategies
• Foster a culture of continuous improvement within the cybersecurity team
• Communicate complex technical concepts clearly to stakeholders
• Stay updated on industry trends and emerging technologies

• High School Diploma
• At least 6 years of experience

What Sets You Apart

• Bachelor's Degree preferred
• Certifications in CISSP, CISM, CISA, CCIE, CCNA, CCNP and CCSA preferred
• Demonstrating knowledge of application security solutions
• Analyzing application security vulnerabilities and executing processes
• Collaborating with teams to enhance application security
• Interacting with project management on application projects
• Implementing strategies for vulnerability review and remediation
• Identifying complex business cases for security solutions
• Monitoring vendor application development processes

Preferred Knowledge/Skills :

Demonstrates thorough knowledge and/or a proven record of success in the following areas:

• Possessing knowledge and experience with application security solutions and web hosting architecture and principles
• Leveraging experience with Software development including web, mobileapplicationsand development languages
• Having experience with commercial Source Code Analysis/Static Application Security Testing Tools
• Understanding of application source code vulnerability mitigation processes
• Recognizing risk assessment/acceptance factors that can affect business and security decisions
• Having knowledge of and experience with Business processes and drivers that can affect systemdesign;
• Analyzing application security vulnerabilities and executing mitigationstrategies;
• Leveraging review processes using application threat vulnerability tools, scanning techniques and/or code reviewresults;
• Using assessments of vulnerabilities, sources of threats, and current security guidance todeterminethe effectiveness of mitigationplans;
• Collaborating with teams toidentifyopportunities and provide recommendations on how application security can be built into projectdevelopment;
• Interacting with project management team members and key stakeholders on applicationprojects;
• Reviewing application threat vulnerability assessments on application developmentprojects;
• Implementing strategy for application threat vulnerability review andremediation;
• Identifyingand documenting complex business cases toassistin gaining internal support to implement securitysolutions;
• Collaborating with team members and stakeholdersvirtually;
• Evidencing communication skills, both written andverbal;
• Having customer service experience/skills;
• Multitasking andpossessingtime management skills; and,
• Possessing analytical skills and attention to detail.
• Secure Software Development Lifecycle (Secure SDLC) Tools & Automation
• Threat Modeling and Risk Assessment Technologies
• Cloud-Native Application Security
• AI, GenAI & Machine Learning Security
• API Security & Modern Connectivity
• Observability, Monitoring & Incident Response in Application Security
• Identity and Access Management (IAM) & Authentication
• Quantum-Resistant Cryptography (Emerging), Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Application Security, Application Security Assessment, Azure Data Factory, Cloud Application Development, Cloud Security, Coaching and Feedback, Coding Standards, Communication, Creativity, Cybersecurity, DevOps Practices, Embracing Change, Emotional Regulation, Empathy, Endpoint Security, Forensic Investigation, Hosting Controllers, Inclusion, Influence, Information Security, Intellectual Curiosity {+ 38 more}

The salary range for this position is: $136,500 - $262,000. Actual compensation within the range will be dependent upon the individual's skills, experience, qualifications and location, and applicable employment laws. Additionally, individuals may be eligible for an annual discretionary bonus. For roles that are based in Maryland, this is the listed salary range for this position.

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required:

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified), We offer a comprehensive, flexible and competitive benefits program. It provides access to programs that can be tailored to meet the personal health and financial well-being needs of our employees and their families. Our benefits include medical, dental and vision coverage, health savings accounts; mental health support, family and caregiver support, a robust time off policy inclusive of sick, vacation and holiday time; and a retirement savings plan with Roth features and company match.

PwC provides services to 420 out of 500 Fortune 500 companies. The firm was formed in 1998 by a merger between Coopers & Lybrand and Price Waterhouse.