Experienced Consultant – Governance, Risk and Compliance (GRC)

Management Level

Senior Associate

Job Description & Summary

As organisations accelerate their digital transformation, the need for robust governance and resilient risk management has never been greater.

At PwC, our Risk and Resilience practice help clients anticipate threats, navigate regulatory complexity, and embed trust at the heart of their operations. We work with a diverse range of local, regional and international clients, to design and implement robust cyber strategies and governance frameworks, as well as safeguard critical assets from emerging cyber threats, thus enabling secure digital transformation.

The team also collaborates closely with our global network and industry-leading experts, leveraging cutting-edge technologies and proven methodologies to assess risks, strengthen resilience and ensure compliance with global Cybersecurity standards.

We are expanding our team and seeking Experienced Senior Associates to join our dynamic team, who are passionate about helping clients embrace digital transformation with confidence. In this role, you will be at the forefront of empowering our clients to navigate the ever-evolving landscape of digital transformation, cybersecurity threats and regulatory complexities.

Candidates for this role, ideally match the skills below:

• Profound knowledge of program and quality management methodologies, digital and cybersecurity risk management, and IT governance;
• Expertise in cybersecurity standards and frameworks including ISO 27001/2, NIST CSF and other leading practices.
• Practical experience with Microsoft Security solutions, including Microsoft Defender suite, Purview, Entra ID (Azure AD), Sentinel, and Intune;
• Analytical mindset with ability to identity, assess and address technical risks, control gaps and areas for improvement;
• Demonstrate commercial acumen and pragmatism;
• Adept at identifying new value opportunities and contributing to business development;
• Strong written and verbal communication skills, able to convey complex ideas to both technical and non-technical audiences;
• Collaborative and team-oriented attitude, committed to building relationships across multidisciplinary teams;
• Passionate about innovation and continuous learning with the drive to help clients succeed in building a secure digital society; and
• Demonstrates agility, integrity and proactive mindset in fast-paced and evolving environments by managing multiple tasks and delivering against tight deadlines.
   

If this resonates with you, read our exciting job description.

What would our Experienced Senior Consultants expect from us?
 

Responsibilities

If you’re successful, you’ll undertake client work locally and globally which could include a combination of but not limited to:

• Programme and quality management for large digital transformation to ensure the delivery of secure, reliable, and compliant digital solutions.
• Assess digital risks and vulnerabilities in our clients' systems and processes, identifying potential threats and weaknesses.
• Design and implement robust digital trust and cybersecurity frameworks to protect our clients' digital assets and sensitive information.
• Conduct risk assessments and threat modelling exercises to provide clients with actionable risk management recommendations.
• Design, implement and manage Microsoft security solutions focusing on architectures like Zero Trust — including Microsoft 365, Azure, Defender suite, Purview, Entra ID (Azure AD), Sentinel, and Intune.
• Advise clients on Microsoft Security stack and configurations within the M365 ecosystem.
• Collaborate with cross-functional teams to integrate cybersecurity measures throughout clients' digital initiatives, ensuring security is embedded in the core of their business strategies.
• Advise clients on best practices for building trust in the digital ecosystem and maintaining compliance with relevant industry regulations and data protection standards.
• Assist in developing and delivering cybersecurity awareness and training programs for clients' employees to foster a security-conscious culture.
• Stay up to date with the latest cybersecurity trends, emerging threats, and cutting-edge technologies to continually enhance your knowledge and skills.
• Participate in client engagements and manage relationships with key stakeholders, delivering high-quality solutions that drive tangible business outcomes.
• Collaborate with cross-functional teams to integrate digital trust and cybersecurity measures into the core of clients' program management strategies.
• Monitor and assess the effectiveness of security controls and risk mitigation measures, providing insights for continuous improvement.
• Support clients to identify their business obligations with focus Cybersecurity risk-related regulations, data protection regulations and other applicable regulatory bodies such as ISO 27001/2, ISO 27701, NIST CSF, SWIFT CSP, GDPR etc.
• Build and maintain relationships with the members of the team, other teams in the firm and clients.
   

Experience and Qualifications

• At least three years of experience in a similar role;
• Bachelor’s or master’s degree in IT, Computer Science, Cybersecurity or related field;
• Hands-on experience implementing or assessing Microsoft security solutions (Defender, Purview, Entra ID, Sentinel, Intune);
• Certifications such as ISO 27001, CISA, CISSP PMP and CIPM may be an added advantage.
• Microsoft Security certifications such as SC-900, SC-200, SC-100, AZ-500 may also be an added advantage.

Travel Requirements

Not Specified

Available for Work Visa Sponsorship?

No

Job Posting End Date

December 5, 2025