At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively.
Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn’t clear, you ask questions, and you use these moments as opportunities to grow. As a Senior Associate, you will join our Strategy, Risk & Compliance team, helping clients manage cybersecurity risk, compliance, and governance. You will lead projects that identify risks, design mitigation plans, and implement security strategies, offering significant opportunities in PwC careers, cybersecurity jobs, and risk management solutions.

Eligibility / Qualification Required:

• Key Responsibilities:
  • Drive security strategy and governance initiatives, including operating model and organizational design.
  • Conduct maturity assessments, audit readiness reviews, framework evaluations, and vendor comparisons.
  • Design and implement frameworks (NIST, ISO, PCI-DSS, HIPAA, COBIT) and roadmap planning.
  • Define cloud architecture and migration strategies.
  • Lead policy management (writing, review, lifecycle).
  • Implement AI/GenAI solutions for GRC automation, compliance reporting, and control testing.
  • Utilize GRC tools (MetricStream, Archer, ServiceNow) and analytics platforms (PowerBI, Tableau).
  • Assess organizational security posture and recommend action plans.
  • Manage vendor risk, outsourcing risk, and technology risk.
• Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:
  • Respond effectively to the diverse perspectives, needs, and feelings of others.
  • Use a broad range of tools, methodologies and techniques to generate new ideas and solve problems.
  • Use critical thinking to break down complex concepts.
  • Understand the broader objectives of your project or role and how your work fits into the overall strategy.
  • Develop a deeper understanding of the business context and how it is changing.
  • Use reflection to develop self awareness, enhance strengths and address development areas.
  • Interpret data to inform insights and recommendations.
  • Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements.
• Desired Skills:
  • Strong knowledge of cybersecurity programs, governance, risk management, and regulatory requirements.
  • Hands-on experience creating cybersecurity standards and policies.
  • Familiarity with GenAI/LLMs for automating GRC processes.
  • Excellent communication, analytical, and project management skills.
  • Ability to develop automation solutions aligned with business and threat posture.
• Education & Certifications:
  • Degree in IT or Cybersecurity.
  • Preferred certifications: CISA, CISM, CISSP, CRISC, ISO 27001, PCI DSS.
• Experience: 3–8 years

General Conditions:

All qualified applicants will receive consideration for employment at PwC without regard to ethnicity; creed; color; religion; national origin; age; disability; neurodiversity; sexual orientation; gender identity or expression; marital; or any other status protected by law. PwC is proud to be an inclusive organization and equal opportunity employer.
Understand the importance of having correct information management, knowledge of Information Security and Data Protection, and correct Information Security Management.

How to Apply:

Specific application instructions, including required documents and submission method, are not provided in the job description. Applicants are advised to refer to the official PwC careers website for details on how to apply for this Senior Associate, Cybersecurity & Privacy position.
View Official Posting & Apply