Job Description & Summary

PwC IT Services Limited provides shared technology services to the PwC network of member firms in a secure, legally compliant, efficient and transparent manner.

The IT Quality Control Manager will be a member of the Global Hosting Services (GHS) Service Management & Compliance team and comes to the organization having experience in quality control especially in IT Information Security area with a background in IT infrastructure services. The role holder will be responsible for managing and coordinating GHS Operations Information Security related projects, compliance audits and supporting compliance activities primarily in relation to the GHS including:

Managing, monitoring and maintaining the compliance of IT processes for Global Hosting Services, ensuring quality and compliance with the agreed compliance frameworks
Supporting PwC IT Services’ Information Security Management System (ISMS) and contributing to the continuous improvement of operational processes and the ISMS by monitoring the performance of the GHS Operations, its compliance with existing laws and regulations, its alignment with emerging threats and incident trends, and compliance with the PwC Information Security Policy (ISP).
Coordinating the on-going enhancements to the GHS Information Security posture and compliance with third-party vendors and PwC Network Information Security (NIS) team.

The Global Hosting Service provides and operates highly available 24/7 servers, Iaas and PaaS across multiple global on-premise hosting centers and Public Cloud Service Providers.

The role holder will report to the GHS Compliance Leader and will also work collaboratively with the PwC IT Services Ltd Compliance and CISO function.

GHS Ops IT Quality Control Manager

Basic Qualifications: ​

Minimum Degree Required: High School Diploma

Minimum Years of Experience: 5 years in IT infrastructure services, preferably hosting services, and at least another 2 year of managing Quality Control and/or Assurance, Compliance, Certification, Information Security or related activities.

Preferred Qualifications:

Degree Preferred: Bachelor Degree

Preferred Fields of Study: Information Technology, Computer Systems, Management Information Systems

Certification(s) Preferred:

ITIL certification, Azure/GCP/AWS certifications, Professional security certifications or membership in similar organizations, e.g. Certified Information Systems Security Professional (CISSP), Certified Information Privacy Professional (CIPP), and Certified Information Systems Manager (CISM) is a plus.

Preferred Knowledge/Skills:

Demonstrates intimate abilities and/or a proven record of success as a Manager, preferably for an international firm or organization, including the following areas:

• Demonstrated understanding/commitment to ITIL processes and standards.

• Demonstrating knowledge of task-planning and resource allocation; time management, finance and quality management; teamwork dynamics and effectiveness; analytics and metrics monitoring and reporting; and documentation and recordkeeping.

• Excellent communication skills, analytical ability, exercising professional skepticism, strong judgment and leadership skills, and the ability to work effectively with Leadership and team members.

• Working and collaborating with multicultural teams in multiple locations.

• Utilizing interpersonal skills by collaborating effectively; communicating clearly, concisely and tactfully with senior management, clients, peers, and staff.

• Ability to identify and communicate complex technical issues to both technical and non-technical business representatives.

• Experience in security aspects of multiple operating systems, applications, communications and network systems and protocols. Demonstrate expertise in securing (hardening) operating systems in production environments, with primary emphasis on Microsoft and Linux based systems.

• Knowledge and administration of common cloud providers (Azure, GCP, AWS) and virtualization technologies (Hyper-V, VMware).

• Working both as a collaborative member of a high-performing team and working independently and proactively; Be capable of working autonomously and manage his/her workload.  

• Practical experience in scripting solutions to meet specific needs (e.g. PowerShell, Splunk, etc).

• Experience in using data analysis and business intelligence tools like Power BI or Tableau is an advantage.

• Demonstrating knowledge of information security, procedures and reporting standards, in particular SOC2 type 2 and ISO 27001 in the context of cloud and on prem hosting services. Experience in implementing or operating with compliance standards and frameworks such as ISO 27001, SOC 2, etc. Ability to understand the legal and regulatory requirements and business drivers, and to integrate these into the operating model.

• Ability to design, evaluate and document process improvements. Experience in leading process improvement teams and interacting with technical managers and development teams.

Responsibilities:

Besides responsibilities listed in the ‘Job Summary’, role holder will be responsible for:

• Working with Asset and Configuration Management across the GHS.

• Maintaining compliance with Change Control Processes and adhering to standards and documentation.

• Working with third-party service providers to maintain and improve quality, compliance and consistent delivery of service to published SLAs.

• Working with GHS and non-GHS Operations teams to establish and maintain Disaster Recovery plans.

• Working with the GHS Operations team and with NIS Vulnerability and other relevant teams on continuous improvement of Vulnerability Management in GHS space, coordinating a GHS Operations team’s response in case of critical vulnerabilities identified, or similar events.

• Driving report creation, consolidation, and analysis, by utilizing Microsoft Office and G Suite tools, to create deliverables; Creating and producing presentation slides; practice methodologies and tools; policies and procedures; and/or other standard business communications; Responsible for collation of data and the distribution of periodic and ad hoc operational/compliance reports as required.

• Anticipating and negotiating consensus amongst diverse groups while creating a positive impact in the activities of others not in their own reporting structure.

• Ability to travel internationally to facilitate compliance audits and activities (approximately 20%).

• Being responsible for awareness and compliance with all aspects relating to policy and guidelines of the Information Security Management System (ISMS), including but not limited to the Information Security Policy (ISP).

• Performing all related job functions following established processes and procedures in order to preserve the confidentiality of information hosted and managed by the PwC IT Service Ltd. from unauthorized disclosure.

• Protecting the integrity of information hosted and managed by the PwC IT Service Ltd. from unauthorized or accidental modification, and protecting the accuracy and completeness of this information.

• Being responsible for reporting any (known or suspected) breach in information security or policies.