Information Technology - Director
Job Profile Summary
Job Description
The Role of an Information Security Leader in PwC China
We are seeking a senior information security leader for PwC China responsible for supporting the member firm in the development, implementation, maintenance, and enhancement of all information security related activities in alignment with the Network Information Security Strategy. This person will be accountable for balancing the local security needs with the regional and global security strategy in order to support our business.
The role necessitates the ability to influence senior business and technology leadership across PwC China and engage with the business in all areas of information security, including security policies and standards, incident management, security consultancy, legal and regulatory compliance, security compliance audits and security budget.
This position demands an experienced, strategic leader with the ability to influence business decision-makers over whom s/he has no authority and who understand business operations as well as information technology and information security. The position will be required to utilize such knowledge to support the Network Information Security Strategy in the implementation of global security services at the local level, improve the information security culture of the member firm, driving locally executed security services and ensuring that the overall information security strategy is aligned to the member firm’s business needs.
To drive alignment with the Network Information Security Strategy, the role will have a direct reporting line into the Chief Operations Officer (COO) in PwC China.
Scope of Responsibility
Serves as the information security subject matter expert for PwC China. Influences, advises and executes on information security activities. Responsible for ensuring PwC China satisfies network and local security requirements. Responsible for local service management of global security shared services.
Responsibilities
• Establishes and drives the information security strategy and roadmap of PwC China
• Aligns the information security strategy of PwC China to the Network Information Security Strategy
• Drives implementation of global security services to PwC China Represents and acts as an advocate for Network Information Security to PwC China and serves as local contact for global services
• Manages delivery of global information security shared services to PwC China Utilizes business knowledge to drive information security change and improvement programs in PwC China
Metrics
• Timely execution and delivery of Network Security Transformation Programme initiatives to PwC China
• Improvement of the leadership’s understanding of information security risks in PwC China
• Quality execution of security services in PwC China to support local requirements
• Peer and upward feedback
• Improvement of the security posture in PwC China
Personal Competencies
An inspirational leader who is a security leader with proven delivery capabilities, preferably with a technical background rather than in policies, standards and audit. Excellent understanding of threats and cyber security landscape architecture framework; assurance frameworks/certifications, control frameworks, policy frameworks. They will have a track record of success in implementing an information security strategy for a large, distributed, international organisation with traditional and online operations; an experience of systems development, systems management, project management and solution delivery. They will bring experience of structured systems analysis techniques and practices as well as strong analytical and problem-solving skills.