Senior Associate - Cybersecurity
PwC Public Sector
Line of Service
Advisory
Industry/Sector
Not Applicable
Specialism
Cybersecurity & Privacy
Management Level
Senior Associate
Job Description & Summary
At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.

As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively.

About the Role:
As a Cybersecurity GRC Specialist, you will play a critical role in designing and implementing a robust cybersecurity framework aligned with the client's strategic objectives. You will be responsible for devising cybersecurity strategies, enhancing enterprise security architecture, and driving program transformation. You should be adept at governance, security processes, risk management, and cybersecurity awareness initiatives.

Key Responsibilities:
Develop and design a cybersecurity framework based on client organization’s business objectives, goals, vision, and operational plans.
Devise a comprehensive cybersecurity strategy including enterprise security architecture, design, and program transformation.
Design and manage governance and security processes at system, network, and application levels.
Maintain continuous communication with stakeholders to support and uplift the security strategy and capabilities.
Stay updated with best practices, vendor capabilities, and frameworks to sustain innovative security programs.
Monitor processes, driving improvements in efficiency and quality of the security program.
Develop workflows to transition strategic plans into implementation plans and operational readiness.
Facilitate strategic planning initiatives, technical roadmaps, and security tool rationalization.
Define and establish security policy and standards frameworks.
Assist in designing the organizational structure for security.
Develop security policies, procedures, standards in line with the security strategy and roadmap.
Review cybersecurity policies and processes to identify gaps based on comprehensive assessment frameworks.
Conduct security process implementation reviews to assess effectiveness.
Assess current cybersecurity practices and provide recommendations.
Define risk management techniques for threats and vulnerabilities.
Conduct Risk and Threat Assessments following best practices.
Execute Cyber Security Diagnostic Assessments and develop related programs.
Design and implement cybersecurity awareness and training programs.
Provide certification advisory across multiple systems including ISMS, PMS, BCMS, PCI DSS.
Implement security controls to achieve certification requirements and develop technology roadmaps.

About You:
Bachelor’s degree in Computer Science, Information Systems, Information Technology, Engineering, or equivalent.
Proven experience (min. 2-4 years) in similar roles, especially for SA and above.
Relevant certifications required: CISM, CISSP, CISA, ISO 27001 (Lead Auditor/Implementer).
Knowledge of SC guidelines such as GTRM, RMIT, NIST, PCI CSS, ISO 27001.
Experience should include policy writing, gap assessments, and remediation.
Strong interpersonal and customer service skills, capable of delivering collaboratively and impacting effectively.
Proficiency in creating high-quality professional business presentations.
Passionate about analyzing security challenges and developing innovative solutions.
Skilled in coordinating between business stakeholders and technical teams.
Strong written and verbal communication skills for both business and technical audiences.

Preferred Background:
Consulting background is essential (Candidates from Big 4 or similar organizations like EC Council).
Candidates with prior consulting experience currently holding in-house positions and looking to return to consulting will also be considered.

Certifications:
At least one relevant certification is required to start, with additional certifications being advantageous.
Note: In the absence of certifications, relevant and substantial experience will be given higher importance and should align closely with the duties outlined.
Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required:
Degrees/Field of Study preferred:
Certifications (if blank, certifications not specified)
Required Skills
Optional Skills
Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture {+ 8 more}
Desired Languages (If blank, desired languages not specified)
Travel Requirements
Available for Work Visa Sponsorship?
Government Clearance Required?
Job Posting End Date
February 22, 2026