Line of Service

Advisory

Industry/Sector

FS X-Sector

Specialism

Risk

Management Level

Director

Job Description & Summary

At PwC, our people in audit and assurance focus on providing independent and objective assessments of financial statements, internal controls, and other assurable information enhancing the credibility and reliability of this information with a variety of stakeholders. They evaluate compliance with regulations including assessing governance and risk management processes and related controls.

Those in internal audit at PwC help build, optimise and deliver end-to-end internal audit services to clients in all industries. This includes IA function setup and transformation, co-sourcing, outsourcing and managed services, using AI and other risk technology and delivery models. IA capabilities are combined with other industry and technical expertise, in areas like cyber, forensics and compliance, to address the full spectrum of risks. This helps organisations to harness the power of IA to help the organisation protect value and navigate disruption, and obtain confidence to take risks to power growth.

Why PWC

At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us.

At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. "

Job Description:

We are seeking a highly skilled and experienced Head Data SOC to join our Risk Consulting team. As a Head Data SOC, you will be accountable for smooth functioning of the DSOC and service management for all the clients. You will work on various types of technologies but not limited to DLP, DAM, CASB, Data Discovery, Data Classification, Encryption, DSPM, Zero Trust solutions, PETs, and more. The ideal candidate should possess strong project management skills, technical expertise in cybersecurity, and a comprehensive understanding of best practices in the field.

 

Responsibilities:

DSOC Operations:

Own daily DSOC operations across DLP, Data Discovery, Metadata/Lineage, UEBA, PETs, DAM, CASB, FIM, Encryption/Masking. Ensure SLA adherence and shift handovers.

Incident Command:

Act as Incident Commander for Sev-1/Sev-2; approve containment/eradication plans; lead post-incident reviews.

Service Management:

Govern client SLAs, service catalogs, change/problem management; manage escalations.

Risk & Compliance:

Map DSOC controls DPDPA, GDPR, HIPAA, PCI, SOX; oversee audits and evidence.

Tooling & Platforms:

Ensure health and roadmap for Purview DLP, Defender CASB, Sentinel, Splunk, Elastic, Zscaler, Netskope, Symantec, Forcepoint, Varonis, BigID, Immuta.

Reporting & Dashboards:

Daily Ops: SLA adherence, incidents, DLP violations, CASB alerts, DAM events.

Weekly Exec: Top risks, regulatory exposure, trend lines.

Monthly Board: Risk posture, SLA performance, major incidents.

Quarterly Audit: Evidence packs, control mapping, remediation status.

Incident Management & Response:

Aligned to ITIL, ISO 27035, NIST, MITRE. Responsibilities: Preparation, Detection, Containment, Eradication, Recovery, Post-Incident Review

Project & Stakeholder Management:

Oversee tool deployments, policy rollouts, automation projects, cloud/data migrations. Engage CISO, Business Units, Legal, IT Ops, Compliance, Vendors.

Additional Responsibilities:

Research & Thought Leadership:

Horizon scanning on UEBA, PETs, DAM, CASB, DLP ML improvements. Publish internal papers, lead tabletop exercises, represent DSOC at forums.

Travel Requirements

· Travel to Client locations locally, in addition to travelling domestically and/or internationally for assignments as required.

Mandatory skill sets:  

· Technical: DLP, Data Discovery, UEBA, PETs, DAM, CASB, FIM, Encryption/Masking, SIEM/SOAR.

· Leadership: Team building, executive communication, Delivery Governance

· Regulatory: DPDPA, GDPR, HIPAA, PCI, SOX.

· Excellent communication and presentation skills with the ability to effectively convey complex technical concepts to non-technical stakeholders.

· Strong analytical and problem-solving skills.

· Ability to work independently and collaboratively in a team environment.

· Attention to detail and commitment to delivering high-quality work.

Preferred skill sets:  

Aligned to ITIL, ISO 27035, NIST, MITRE. Responsibilities: Preparation, Detection, Containment, Eradication, Recovery, Post-Incident Review 

Certifications:

· Professional certifications such as CISSP; CISM; ISO/IEC 27001 Lead Implementer or Lead Auditor; ITIL 4 Managing Professional; Cloud: AWS/Azure Security Specialty (at least one); Governance/Risk: CRISC or CGEIT

Years of experience required:  

· Proven experience (9-12 years) in a similar role, preferably in a consulting environment.

· Strong project management skills with the ability to lead and manage multiple projects simultaneously.

· Experience with DLP, CASB, DAM, Encryption, DSPM, Zero Trust Implementation, Monitoring & Assessment along with data discovery and data classification

· In-depth knowledge of cybersecurity frameworks, standards, and best practices (e.g., ISO 27001, NIST CSF, DPDP Act).

Education qualification:  

· Bachelor's or Master's degree in Cybersecurity, Information Technology, or a related field.

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required: Bachelor of Technology

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Data Discovery, Data Loss Prevention (DLP), Technical Work

Optional Skills

Accepting Feedback, Accepting Feedback, Accounting and Financial Reporting Standards, Active Listening, Analytical Thinking, Artificial Intelligence (AI) Platform, Auditing, Auditing Methodologies, Business Process Improvement, Coaching and Feedback, Communication, Compliance Auditing, Corporate Governance, Creativity, Data Analysis and Interpretation, Data Ingestion, Data Modeling, Data Quality, Data Security, Data Transformation, Data Visualization, Embracing Change, Emotional Regulation, Empathy, Financial Accounting {+ 36 more}

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Available for Work Visa Sponsorship?

Government Clearance Required?

Job Posting End Date