Line of Service
Internal Firm Services
Industry/Sector
Not Applicable
Specialism
Operations
Management Level
Specialist
Job Description & Summary
At PwC, our people in business application consulting specialise in consulting services for a variety of business applications, helping clients optimise operational efficiency. These individuals analyse client needs, implement software solutions, and provide training and support for seamless integration and utilisation of business applications, enabling clients to achieve their strategic objectives.
As a business application consulting generalist at PwC, you will provide consulting services for a wide range of business applications. You will leverage a broad understanding of various software solutions to assist clients in optimising operational efficiency through analysis, implementation, training, and support.
Job Description & Summary :
The CISO & DPO is a senior leadership role (Senior Director level) accountable for leading the organization’s cyber security strategy, information security governance, and data protection operations. The role is split equally (50/50) between cyber security leadership and privacy governance. The incumbent will own the CISO office agenda, strengthen enterprise security posture, drive NIS and information security control implementation, and ensure alignment with the DPDP Act. This position requires a strategic leader capable of influencing executive stakeholders and managing cross-functional teams across technology, business, legal, and risk departments.
Define and lead cyber security strategy, operating models, and governance routines. Drive continuous improvement across security and privacy processes, playbooks, and SOPs.
Oversee incident response, vulnerability management, DLP, security exceptions, and remediation tracking.
Lead DPDP Act 2023 compliance, privacy risk assessments (DPIA/DPRA), data principal rights governance, and privacy incident coordination.
Mentor and develop multi-disciplinary teams. Manage cross-functional working groups involving IT, Legal, Risk, and business units.
Provide executive-level reporting on cyber risk, incident trends, regulatory readiness, and remediation status.
Years of experience required :
20–25 years of overall experience in information security, cyber risk, technology risk, security governance, IT risk management, privacy governance, or regulatory compliance.
Education qualification :
Bachelor's degree in Engineering , Computer Science, Information Systems, Cyber Security, Risk Management, or related discipline (essential).
Preferred certifications include CISSP, CISM, CISA, CRISC, ISO 27001 Lead Implementer/Lead Auditor, ISO 22301, CCSP, or CIPM.
Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required:
Degrees/Field of Study preferred:
Certifications (if blank, certifications not specified)
Required Skills
Optional Skills
Accepting Feedback, Accepting Feedback, Active Listening, Analytical Reasoning, Application Software, Business Data Analytics, Business Management, Business Technology, Business Transformation, Communication, Documentation Development, Emotional Regulation, Empathy, Implementation Research, Implementation Support, Implementing Technology, Inclusion, Intellectual Curiosity, Optimism, Performance Assessment, Performance Management Software, Problem Solving, Product Management, Product Operations, Project Delivery {+ 11 more}
Desired Languages (If blank, desired languages not specified)
Travel Requirements
Not Specified
Available for Work Visa Sponsorship?
No
Government Clearance Required?
No
Job Posting End Date
July 30, 2026