IT Compliance and Quality Control Analyst

Our Internal Business Application Centre (IBACentre) team offers you the opportunity to support our core business functions by implementing applications that enable more efficient work and the delivery of top-notch services. Our team focuses on managing core and global business applications, ensuring their continuous operation, handling customer relationships, and incidents with precision.

Currently we are looking for:

IT Compliance and Quality Control Analyst

PwC IT Services Limited provides shared technology services to the PwC network of member firms in a secure, legally compliant, efficient and transparent manner.

The IT Compliance and Quality Control Officer will be a member of the Global Hosting Services (GHS) Infrastructure Operations team and comes to the organization having experience in quality control especially in IT Information Security area with a background in IT infrastructure services. The role holder will be responsible for managing and coordinating GHS Operations Information Security related projects, compliance audits and supporting compliance activities primarily in relation to the GHS.

The role holder will report to the GHS Hosting & Infrastructure Operations Leader and will also work collaboratively with the PwC IT Services Ltd Compliance and CISO function.

Your future role: 

Role holder will be responsible for:

• providing guidance to GHS Operations team on control design and implementation to support ISP and third party audit activities,

• drive remediation/hygiene/continuous improvement efforts including recommending solutions as well as driving projects to a successful conclusion to improve overall compliance maturity in the team,

• working with Asset and Configuration Management across the GHS,

• maintaining compliance with Change Control Processes and adhering to standards and documentation,

• leading initiatives with third-party service providers to maintain and improve quality, compliance and consistent delivery of service to published SLAs,

• working with the GHS Operations team and with NIS Vulnerability and other relevant teams on continuous improvement of Vulnerability Management in GHS space, coordinating a GHS Operations team’s response in case of critical vulnerabilities identified, or similar events,

• identifying opportunities to automate and streamline processes to maximize efficiencies,

• identifying opportunities to  report on controls compliance to provide leadership with greater insights,

• driving report creation, consolidation, and analysis, by utilizing Microsoft Office and G Suite tools, to create deliverables; Creating and producing presentation slides; practice methodologies and tools; policies and procedures; and/or other standard business communications; Responsible for collation of data and the distribution of periodic and ad hoc operational/compliance reports as required,

• anticipating and negotiating consensus amongst diverse groups while creating a positive impact in the activities of others not in their own reporting structure,

• ability to travel internationally to facilitate compliance audits and activities (approximately 20%),

• being responsible for awareness and compliance with all aspects relating to policy and guidelines of the Information Security Management System (ISMS), including but not limited to the Information Security Policy (ISP). Defining plans and coordinating activities to meet new/changed ISP requirements in the GHS domain,

• performing all related job functions following established processes and procedures in order to preserve the confidentiality of information hosted and managed by the PwC IT Service Ltd. from unauthorized disclosure,

• protecting the integrity of information hosted and managed by the PwC IT Service Ltd. from unauthorized or accidental modification, and protecting the accuracy and completeness of this information,

• being responsible for reporting any (known or suspected) breach in information security or policies,

• representing GHS Ops at compliance and risk related meetings and audits.

Apply if you: 

• have experience in security aspects of multiple operating systems, applications, communications and network systems and protocols. Demonstrate expertise in securing (hardening) operating systems in production environments, with primary emphasis on Microsoft and Linux based systems,

• have knowledge and administration of common cloud providers (Azure, GCP, AWS) and virtualization technologies (Hyper-V, VMware),

• work both as a collaborative member of a high-performing team and work independently and proactively,

• are capable of working autonomously and manage his/her workload,  

• have practical experience in scripting solutions to meet specific needs (e.g. PowerShell, Splunk, etc),

• have experience in using data analysis and business intelligence tools like Alteryx, Power BI or Tableau is an advantage,

• demonstrate knowledge of information security, procedures and reporting standards, in particular SOC2 type 2 and ISO 27001 in the context of cloud and on prem hosting services. Have experience in implementing or operating with compliance standards and frameworks such as ISO 27001, SOC 2, etc. Ability to understand the legal and regulatory requirements and business drivers, and to integrate these into the operating model,

• show ability to design, evaluate and document process improvements. Have experience in leading process improvement teams and interacting with technical managers and development teams,

• understand various sovereignty restrictions (local, regional, global) applicable to systems and data based on existing jurisdictions,

• demonstrate understanding/commitment to ITIL processes and standards,

• demonstrate knowledge of task-planning and resource allocation; time management, finance and quality management; teamwork dynamics and effectiveness; analytics and metrics monitoring and reporting; and documentation and recordkeeping,

• have excellent communication skills, analytical ability, exercising professional skepticism, strong judgment and leadership skills, and the ability to work effectively with Leadership and team members,

• are familiar with working and collaborating with multicultural teams in multiple locations,

• utilize interpersonal skills by collaborating effectively; communicating clearly, concisely and tactfully with senior management, clients, peers, and staff,

• have ability to identify and communicate complex technical issues to both technical and non-technical business representatives.

By joining us you gain:

• work flexibility - hybrid working model, flexible start of the day, workation, sabbatical leave,

• development and upskilling - our full support during onboarding process, mentoring from experienced colleagues, training sessions, workshops, certification co/financed by PwC and conversations with native speaker,

• medical and wellbeing program - medical care package, mindfulness, psychological support, education through dedicated webinars and workshops, financial and legal counseling, 

• possibility to create your individual benefits package (a.o. lunch pass, concierge, veterinary package for a pet, massages) and access to a cafeteria - vouchers, discounts on IT equipment and car purchase, 

• 3 paid hours for volunteering per month, 

• additional paid Birthday Day off,

• and when you start enjoying PwC as much as we do, you may get a bonus in exchange for recommending your friend to work with us.

Recruitment Process:

• apply, 

• talk to our Recruiter on a short HR screening call,

• get to know each other better during an interview with the recruiter and hiring manager.

With any queries please contact pl_ITrecruitment@pwc.com with job title in the subject.