Managed Services - Cybersecurity Managed GRC Services & Awareness - Senior Associate

Line of Service

Internal Firm Services

Industry/Sector

Not Applicable

Specialism

IFS - Internal Firm Services - Other

Management Level

Senior Associate

Job Description & Summary

At PwC, our people in managed services focus on a variety of outsourced solutions and support clients across numerous functions. These individuals help organisations streamline their operations, reduce costs, and improve efficiency by managing key processes and functions on their behalf. They are skilled in project management, technology, and process optimization to deliver high-quality services to clients. As a managed service delivery generalist at PwC, you will execute outsourced processes, such as client and customer interaction; data review, enrichment and processing; implementing and monitoring quality controls; and resolving escalations and queries.

Job Summary:

What does this role aim to achieve in the firm/what impact does the role create

This role requires a professional with 3-4 years of experience who can support clients in implementing and managing GRC solutions and developing awareness programs to strengthen cybersecurity resilience. Proficiency in tools such as RSA Archer, ServiceNow, and MS Purview is essential, and familiarity with awareness platforms like KnowBe4, CoFense, or ProofPoint is an added advantage. The ideal candidate will have experience in delivering cybersecurity managed services.

Roles and Responsibilities:

Daily tasks and delivery expectation

Managed GRC Services Delivery :

• Lead the implementation, operation, and continuous improvement of GRC platforms such as RSA Archer, ServiceNow, and MS Purview in a managed services capacity.

• Perform risk assessments, compliance tracking, and audits to help clients manage regulatory requirements and mitigate risks effectively.

• Design and maintain workflows, dashboards, and reporting systems that align with client needs and industry best practices.

Compliance and Risk Management :

• Develop and implement governance frameworks tailored to client industries and regional regulatory requirements.

• Support clients in aligning with standards such as ISO 27001, NIST CSF, and CIS Controls, ensuring GRC processes remain scalable and sustainable.

• Monitor and track risks, controls, and remediation plans, providing regular updates and actionable recommendations to clients.

Client Collaboration :

• Act as a GRC advisor for clients, delivering insights into risk and compliance gaps and offering strategic recommendations to strengthen security postures.

• Deliver regular reports showcasing performance metrics, compliance trends, and areas of improvement to demonstrate the value of managed GRC services.

Service Optimization :

• Continuously refine managed GRC services to improve efficiency, scalability, and client satisfaction.

• Leverage automation tools and integrations to reduce manual efforts and enhance the effectiveness of GRC processes.

Awareness Program Support (Secondary Focus):

• Provide supplementary support for managed cybersecurity awareness programs using tools like KnowBe4, CoFense, and ProofPoint, when required.

• Assist in integrating awareness components into broader GRC frameworks to enhance organizational security culture.

Expected Skills:

Specific learned abilities or technical skills

• Hands-on experience with GRC platforms such as RSA Archer, ServiceNow, and MS Purview for risk and compliance management.

• Familiarity with awareness platforms like KnowBe4, CoFense, or ProofPoint (preferred).

• Knowledge of cybersecurity frameworks such as ISO 27001, NIST CSF, and CIS Controls.

• Understanding of phishing simulation tools, regulatory compliance requirements, and risk assessment methodologies.

• Strong analytical skills to interpret data and provide actionable recommendations.

• Excellent communication and presentation skills to convey GRC and awareness insights to clients and stakeholders.

• Ability to manage multiple projects and priorities in a dynamic environment.

• Proactive mindset with a focus on delivering measurable results.

Expected Competencies:

Values, behaviors & attitude

• Leadership

• Strategic mindset

• Stakeholder management

• Ability to influence

• Communicate with impact

• Project management

• Results driven

• Drive organizational excellence

Required Language Skills:

Proficient in written and spoken English. Arabic is a plus

Minimum Education and Specific Qualification:

• Bachelors degree in Cybersecurity, Information Technology, or a related field.

• Relevant certifications such as CompTIA Security+, CEH, or equivalent.

• 3-4 years of experience in cybersecurity, with a focus on GRC services or awareness program development.

Years of Experience: 3-4 years

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required: Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Business Process Outsourcing, Claims Performance Management, Communication, Complaint Management, Compliance Auditing, Compliance Review, Contract Review, Corrective Actions, Creativity, Customer Data Management (CDM), Customer Due Diligence, Customer Handling, Data Entry, Data Quality, Data Quality Assessment, Delivery Excellence, Embracing Change, Emotional Regulation, Empathy, Inclusion, Intellectual Curiosity {+ 20 more}

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Not Specified

Available for Work Visa Sponsorship?

No

Government Clearance Required?

No