Senior Associate – OT Security – Cyber as a Service – Advisory – Bangalore

Line of Service

• Advisory

Industry / Sector

• Not Applicable

Specialism

• Risk

Management Level

• Senior Associate

Job Description & Summary

At PwC, our people in audit and assurance focus on providing independent and objective assessments of financial statements, internal controls, and other assurable information enhancing the credibility and reliability of this information with a variety of stakeholders. They evaluate compliance with regulations including assessing governance and risk management processes and related controls.

Those in internal audit at PwC help build, optimise and deliver end‑to‑end internal audit services to clients in all industries. This includes IA function setup and transformation, co‑sourcing, outsourcing and managed services, using AI and other risk technology and delivery models. IA capabilities are combined with other industry and technical expertise, in areas like cyber, forensics and compliance, to address the full spectrum of risks. This helps organisations to harness the power of IA to help the organisation protect value and navigate disruption, and obtain confidence to take risks to power growth.

Why PwC

At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose‑led and values‑driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us.

PwC is an equal employment opportunity employer. We provide equal opportunities without discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We have zero tolerance for any discrimination and harassment based on the above considerations.

Role Summary

You will work as part of the Cybersecurity practitioners with extensive consulting and industry experience, helping our clients solve their complex business issues from assessments, strategy, governance to deploying OT security solutions. To be successful in this role you should have:

• 4‑7 years of experience
• 2‑4 years of experience in Control systems
• Minimum 2 years of experience in ICS/OT security
• Experience in sectors including Electricity, Oil & Gas, Water, Transport & Logistics, Chemical, Power Sectors, Nuclear and Manufacturing
• Experience of working with IT security managers, Plant managers and ICS/OT engineers
• Broad range of security experience with a distinct specialization in the following areas:
  • Subject matter expert (SME) on ICS/OT topics for the larger consulting practice
  • Design and architect security standards for ICS networks across devices of multiple OEMs
  • Strong understanding of IT and OT network communication protocols (e.g., TCP/IP, UDP, DNP3, Modbus, IEC 61850, OPC, OPC UA, PROFINET, etc.)
  • Extensive working and implementation experience of security standards (e.g., IEC 62443, NIST 800‑82, NCSC/CPNI SICS Framework, etc.)
  • Lab/real‑life experience with penetration testing of PLC‑s, SCADA
  • Proficiency with security monitoring architecture for ICS networks
• Create niche propositions for ICS security across relevant industries, converse with clients around their problems and challenges, and arrive at solutions tailored to their needs

Responsibilities

• Setup/orchestrate a test lab for simulating real‑world attacks and create an experience center for clients
• Contribute to the firm’s overall Cybersecurity practice priorities and aspirations

Mandatory Skill Sets

• GICSP or/and GRID

Preferred Skill Sets

• GICSP or/and GRID

Years of Experience Required

• 4+ years

Education Qualification

• BE / B.Tech with a good academic background
• At least one or more certifications from: CISSP, ISO 27001, CISA, CRISP, Global Industrial Cyber Security Professional (GICSP) of SANS
• Familiarity with ISO/IEC 62443, NIST SP 800‑82, NIST RMF

Degrees / Field of Study Required

• Bachelor of Engineering
• Bachelor of Technology
• Master of Business Administration

Certifications (required)

• GICSP or/and GRID (also listed under skill sets)

Required Skills

• Data Privacy

Optional Skills

• Accepting Feedback
• Accounting and Financial Reporting Standards
• Active Listening
• Analytical Thinking
• Artificial Intelligence (AI) Platform
• Auditing
• Auditing Methodologies
• Business Process Improvement
• Communication
• Compliance Auditing
• Corporate Governance
• Creativity
• Data Analysis and Interpretation
• Data Ingestion
• Data Modeling
• Data Quality
• Data Security
• Data Transformation
• Data Visualization
• Embracing Change
• Emotional Regulation
• Empathy
• Financial Accounting
• Financial Audit
• (+ 24 more)

Travel Requirements

• Not Specified

Available for Work Visa Sponsorship?

• No

Government Clearance Required?

• No

Experience Level

• Senior Level