Advisory Cyber Privacy Manager
PwC is a network of firms committed to delivering quality in assurance, tax and advisory services.
We help resolve complex issues for our clients and identify opportunities. Learn more about us at www.pwc.com/us.
At PwC, we develop leaders at all levels. The distinctive leadership framework we call the PwC Professional ( provides our people with a road map to grow their skills and build their careers. Our approach to ongoing development shapes employees into leaders, no matter the role or job title.
Are you ready to build a career in a rapidly changing world? Developing as a PwC Professional means that you will be ready
- to create and capture opportunities to advance your career and fulfill your potential. To learn more, visit us at www.pwc.com/careers.
PwC Advisory helps our clients with their most challenging imperatives from strategy through execution. We combine the breadth of knowledge of over 48,000 global professionals with deep industry knowledge to deliver custom solutions for our clients. We work with the world's largest and most complex companies and understand the unique business issues and opportunities our clients face.
As we aim to rapidly grow our Cybersecurity and Privacy practice, we are looking for consultants who are passionate about how strategy and technology can improve the role of cybersecurity, privacy and data protection in our digital world.
We are looking for consultants with extensive consulting, technological and industry experience who will help our clients solve their complex business issues from strategy through execution. A Cybersecurity and Privacy consulting career will provide the opportunity to grow and contribute to our clients'business issues every day, applying a collection of information and Cyber security capabilities, including security and privacy strategy and governance, IT risk, security testing, technology implementation/operations, and cybercrime and breach response.
Our Privacy&Consumer Protection services enable clients to discover and map data life cycles to create business value, as well as design a program that can jump-start success and build trust among consumers. We focus on helping clients maintain compliance of cross-border data transfers with global privacy laws and earn stakeholder trust in their use of personal datawhile identifying opportunities to better optimize compliance, risk, and value creation.
Privacy Compliance and Data Protection works with the areas of Privacy and/or Security Program Development and Strategy, Information and Operational Risk Management and Compliance, Data Use and Protection and Legal and Financial Services operational risk.
At PwC, our team members have subject matter expertise with US federal, state, and/or international privacy laws including but not limited to GLBA Reg P, TCPA, the EU General Data Protection Regulation, the APEC CBPR and other industry specific regulations such as NAIC.
Our team assists clients in the development of corporate privacy programs, including policies, procedures and training, supporting technology deployments, planning for and attaining BCRs, conducting large and small scale privacy risk assessments, development of Third Party Risk Management programs, and incorporating privacy by design principles into product development.
Minimum Year(s) of Experience: 5
Minimum Degree Required: Bachelor's degree
Degree Preferred: Bachelor's degree in a technology or engineering related field
Certification(s) Preferred: Certified Information Privacy Professional (CIPP/US), CIPP certification in European privacy (CIPP/E), Canadian privacy (CIPP/C), Technology (CIPT), FIP or other certifications
Demonstrates extensive knowledge and/or a proven record of success, developing and implementing privacy and risk strategies for common privacy issues facing clients who provide products and services in several sectors that include, but are not limited to, Financial Services, Healthcare, Manufacturing, Retail, Media and Entertainment, and Energy, preferably for a global network of professional services firm, with emphasis in the following areas:
- Writing, communicating, facilitating, and presenting cogently to and/or for all levels of industry audiences, clients and internal staff/management;
- Possessing technical and operational privacy and/or standard industry practices relating to privacy, in order to assist clients with assessing their posture and improving their program;
- Understanding of common privacy industry standards/ regulations (e.g. GDPR, HIPAA / HITECH, EU GDPR and Privacy Shield, COPPA, State Breach Disclosure Laws; CANSPAM, GLBA), especially as it relates to building a program and/or managing internal controls, risk assessments, business process or operational auditing;
- Consulting and implementing projects in the following types of data privacy-related areas:
- Enhancement of data privacy programs;
- Privacy impact and gap assessments;
- Data inventories and data flows;
- Binding Corporate Rules;
- Creation of privacy incident response plans;
- Review of third-party data exchange/international agreements;
- Cross-border data transfer issues, including Model Contracts and Privacy Shield;
- Investigations and investigatory responses to data privacy and security incidents with regulatory agencies;
Compliance and reputational risk mitigation, emphasizing US and international Privacy, Data Protection and Information laws and understanding the privacy risks impacting a particular industry; and,
- Understanding of emerging technologies, such as cloud, Internet of Things (IoT) and advanced analytics is advantageous.
Demonstrates extensive abilities and/or a proven record of success, assisting in client-facing engagement delivery, practice development, business development and thought leadership, preferably for a global network of professional services firms, including in the following areas:
- Managing and/or contributing to project planning, engagement administration, budget management, and successful completion of engagement workstream(s);
- Communicating in an organized and knowledgeable manner in written and verbal formats, including delivering clear requests for information and communicating potential conflicts, assisting business development teams responsible for writing and presenting proposals to prospective clients, and fostering and maintaining lasting relationships with senior executives;
- Identifying and addressing client needs while displaying the ability to contribute to the development of a business vision and manage implementation efforts with complex project management capabilities;
- Supporting practice management for a specific operation or process; and,
- Managing client and account relationships, identifying opportunities and developing the appropriate approach to successfully close and deliver the engagement.
For positions based in San Francisco, consideration of qualified candidates with arrest and conviction records will be in a manner consistent with the San Francisco Fair Chance Ordinance.
Associated topics: attorney, attorney corporate, business, compliance department, compliance office, corporate, corporate attorney, internal, lawyer, legal