Senior Associate - Data Privacy and Trust Consultant

IN_Senior Associate_Data Privacy and Trust – Cyber in Emerging Tech_ Advisory -Mumbai

Line of Service

Advisory

Industry/Sector

FS X-Sector

Specialism

Risk

Management Level

Senior Associate

Job Description & Summary

At PwC, our people in audit and assurance focus on providing independent and objective assessments of financial statements, internal controls, and other assurable information enhancing the credibility and reliability of this information with a variety of stakeholders. They evaluate compliance with regulations including assessing governance and risk management processes and related controls.

Those in internal audit at PwC help build, optimise and deliver end-to-end internal audit services to clients in all industries. This includes IA function setup and transformation, co-sourcing, outsourcing and managed services, using AI and other risk technology and delivery models. IA capabilities are combined with other industry and technical expertise, in areas like cyber, forensics and compliance, to address the full spectrum of risks. This helps organisations to harness the power of IA to help the organisation protect value and navigate disruption, and obtain confidence to take risks to power growth.

*Why PWC

At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us.

At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. "

Job Description & Summary: 

We are seeking a highly skilled and experienced Data SOC Functional Consultant to join our Risk Consulting team. As a Data SOC Functional Consultant, you will be responsible for policy advisory, process governance, third-party risk management, and data flow assessments for clients. You will work as Consultants for Policies / Processes / TPRM / DFA kind of customer interaction items. You will work on various types of technologies but not limited to DLP, DAM, CASB, Data Discovery, Data Classification, Encryption, DSPM, Zero Trust solutions, PETs, and more. The ideal candidate should possess strong project management skills, technical expertise in cybersecurity, and a comprehensive understanding of best practices in the field. 

 

Education: 

• Bachelor's or Master's degree in Cybersecurity, Information Technology, or a related field. 

Certifications: 

• Professional certifications such as ISO/IEC 27001 Lead Implementer or Auditor; NIST CSF Practitioner; DPDPA (India) practitioner/lead implementer course; Privacy: IAPP CIPP/E or CIPM 

Experience: 

• Proven experience (4-7 years) in a similar role, preferably in a consulting environment. 

• Strong project management skills with the ability to lead and manage multiple projects simultaneously. 

• Experience with DLP, CASB, DAM, Encryption, DSPM, Zero Trust Implementation, Monitoring & Assessment along with data discovery and data classification 

• In-depth knowledge of cybersecurity frameworks, standards, and best practices (e.g., ISO 27001, NIST CSF, DPDP Act). 

Skills:  

• Technical: DLP, Data Discovery, UEBA, PETs, DAM, CASB, FIM, Encryption/Masking, SIEM/SOAR.  

• Leadership: Team building, executive communication.  

• Regulatory: DPDPA, GDPR, HIPAA, PCI, SOX. 

• Excellent communication and presentation skills with the ability to effectively convey complex technical concepts to non-technical stakeholders. 

• Strong analytical and problem-solving skills. 

• Ability to work independently and collaboratively in a team environment. 

• Attention to detail and commitment to delivering high-quality work. 

 

Responsibilities: 

 

 

Policy Advisory: 

Draft and review data security policies; ensure alignment with regulatory frameworks (DPDPA, GDPR, HIPAA, PCI, SOX). 

 

Process Governance: 

Define and maintain DSOC processes; ensure ITIL and ISO 27035 compliance. 

 

Third Party Risk Management (TPRM): 

Conduct third-party risk assessments; validate vendor compliance with security standards. 

 

Data Flow Assessment: 

Perform DFA for critical applications, document lineage and classification. 

 

Client Interaction: 

Engage with customers for governance workshops, audits, and compliance reviews. 

 

Reporting & Dashboards: 

Weekly: Policy compliance scorecards and TPRM status.  

Monthly: DFA reports and governance metrics.  

Quarterly: Audit readiness and regulatory alignment updates. 

 

Incident Management & Response: 

Support incident reviews by validating policy adherence and process gaps; assist in remediation planning. 

 

Project & Stakeholder Management: 

Lead governance and compliance projects; coordinate with DSOC Head, Legal, and client teams for successful delivery. 

 

Additional Responsibilities:  

 

Research & Thought Leadership: 

Stay updated on regulatory changes and best practices; publish internal compliance guidelines; contribute to policy improvement initiatives. 

 

Travel Requirements 

• Travel to Client locations locally, in addition to travelling domestically and/or internationally for assignments as required. 

 

Available for Work Visa Sponsorship? 

Government Clearance Required? 

Mandatory skill sets:Experience with DLP, CASB, DAM, Encryption, DSPM, Zero Trust Implementation, Monitoring & Assessment along with data discovery and data classification

Preferred skill sets:In-depth knowledge of cybersecurity frameworks, standards, and best practices (e.g., ISO 27001, NIST CSF, DPDP Act).

Years of experience required:4-7

Education Qualification:B.tech/BE

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required: Bachelor of EngineeringDegrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Data Privacy Standards

Optional Skills

Accepting Feedback, Accepting Feedback, Accounting and Financial Reporting Standards, Active Listening, Analytical Thinking, Artificial Intelligence (AI) Platform, Auditing, Auditing Methodologies, Business Process Improvement, Communication, Compliance Auditing, Corporate Governance, Creativity, Data Analysis and Interpretation, Data Ingestion, Data Modeling, Data Quality, Data Security, Data Transformation, Data Visualization, Embracing Change, Emotional Regulation, Empathy, Financial Accounting, Financial Audit {+ 24 more}

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Available for Work Visa Sponsorship?

Government Clearance Required?

Job Posting End Date

March 3, 2026

Experience Level

Senior Level