A career in our Managed Services team will provide you with an opportunity to collaborate with a wide array of teams to help our clients implement and operate new capabilities, achieve operational efficiencies, and harness the power of technology. Our Cyber Managed Services team will provide you with the opportunity to help our clients implement effective cybersecurity programs that protect against threats, propel transformation, and drive growth. As companies continue their transformations to digital business models, exponentially more data is generated and shared among organizations, partners and customers. You'll play an integral role in helping our clients protect their businesses by developing transformation strategies focused on security, and by efficiently integrating and managing new or existing technology systems to deliver continuous operational improvements and mitigate risks while increasing the value they derive from their cybersecurity investments. Our Identity and Access Management Managed Services team helps organizations by designing and implementing end-to-end IAM programs, as well as providing ongoing operations support with continuous operational improvements.
To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional, our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.
Responsibilities
As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:
- Use feedback and reflection to develop self-awareness and personal strengths, and to address development areas.
- Delegate to others to provide stretch opportunities, coaching them to deliver results.
- Demonstrate critical thinking and the ability to bring order to unstructured problems.
- Use a broad range of tools and techniques to extract insights from current industry or sector trends.
- Review your work and that of others for quality, accuracy and relevance.
- Know how and when to use the tools available for a given situation, and be able to explain the reasons for this choice.
- Seek and embrace opportunities which give exposure to different situations, environments and perspectives.
- Use straightforward communication, in a structured way, when influencing and connecting with others.
- Read situations and modify behavior to build quality relationships.
- Uphold the firm's code of ethics and business conduct.
Associate Qualifications
- 1–3 years of experience in IT audit, IT risk assessment, or cybersecurity compliance.
- Experience supporting internal or external audits.
- Familiarity with common control frameworks such as NIST CSF, NIST 800-53, ISO 27001, SOC 2, COBIT, or HIPAA.
- Ability to understand and evaluate technical environments (e.g., IAM, cloud platforms, network security).
- Strong organizational and analytical skills; ability to work independently and within teams.
- Strong written and verbal communication skills, particularly around documentation of controls and findings.
- High attention to detail and ability to manage multiple concurrent assessments.
- Exposure to IAM systems, cloud security, or endpoint protection technologies.
- Familiarity with GRC tools (e.g., ServiceNow GRC, RSA Archer).
- Working knowledge of IT general controls (ITGCs), risk assessment methods, and compliance reporting.
- Professional certifications preferred (e.g., CISA, CRISC, Security+, or ISO 27001 Lead Implementer).
Senior Associate Qualifications
- 4–6 years of experience in IT audit, IT risk assessment, or cybersecurity compliance.
- Experience supporting internal or external audits.
- Familiarity with common control frameworks such as NIST CSF, NIST 800-53, ISO 27001, SOC 2, COBIT, or HIPAA.
- Ability to understand and evaluate technical environments (e.g., IAM, cloud platforms, network security).
- Strong organizational and analytical skills; ability to work independently and within teams.
- Strong written and verbal communication skills, particularly around documentation of controls and findings.
- High attention to detail and ability to manage multiple concurrent assessments.
- Exposure to IAM systems, cloud security, or endpoint protection technologies.
- Familiarity with GRC tools (e.g., ServiceNow GRC, RSA Archer).
- Working knowledge of IT general controls (ITGCs), risk assessment methods, and compliance reporting.
- Professional certifications preferred (e.g., CISA, CRISC, Security+, or ISO 27001 Lead Implementer).
Key Responsibilities
- Assist in the execution of IT and cybersecurity control assessments based on regulatory, industry, and internal frameworks (e.g., NIST 800-53, ISO 27001, SOC 2).
- Collect and review evidence from system owners and control operators to support control testing and validation.
- Perform control testing and document results in line with internal assessment methodology.
- Collaborate with SMEs and business teams to understand technical implementations and control applicability.
- Identify control gaps, exceptions, or risk themes, and support remediation tracking.
- Support reporting of findings, risks, and recommendations to management and risk stakeholders.
- Maintain documentation for audit trails and ensure compliance with assessment timelines and procedures.
- Assist in the continuous improvement of assessment procedures and templates.
- Leverage tools such as ServiceNow, Archer, or custom GRC platforms for evidence tracking, issue logging, and reporting.