Jobfoundry
Jobfoundry
PwC

Cyber Governance, Risk & Compliance (GRC) – Senior Associate

PwC
BusinessSingapore - Marina One, SingaporeFull-time2 months ago
Apply Now

About the role

AI summarised

Senior Associate in Cyber Governance, Risk & Compliance at PwC's advisory practice. The role involves designing and delivering cyber GRC engagements, including developing governance materials, performing risk assessments, and supporting GRC technology enablement for clients across industries.

BusinessFull-timeGeneral

Key Responsibilities

  • Develop and enhance cybersecurity governance materials, including policies, standards, procedures, control frameworks, and RACI models.
  • Design and support the development of enterprise security strategies, cyber target operating models, and transformation roadmaps.
  • Perform readiness assessments aligned to regulatory, industry, and client-specific requirements.
  • Execute risk management activities, including risk identification, scoring, control testing, development of KRIs/KPIs, and reporting enhancements.
  • Support GRC technology enablement through requirements gathering, workflow mapping, control library development, and dashboard reporting using platforms.
  • Facilitate workshops, interviews, and stakeholder discussions to gather insights, align requirements, and validate findings.
  • Work collaboratively with cross-functional project teams to ensure seamless and timely delivery of engagement outcomes.
  • Keep abreast of emerging regulations, cyber risks, technologies, and best practices to support continuous improvement of practice offerings.

Requirements

  • 3–5 years of experience in cybersecurity governance, risk management, and compliance.
  • Hands-on experience developing or reviewing cybersecurity policies, standards, procedures, and control frameworks.
  • Experience conducting cyber maturity assessments, compliance reviews, or risk assessments.
  • Hands-on experience with GRC tools (E.g. ServiceNow GRC, Archer, OneTrust).
  • Comfortable in dynamic environments with evolving client needs.
  • Familiarity with key frameworks and regulations including NIST CSF, ISO 27001, COBIT, MAS TRM, PDPA.
  • Strong analytical, problem-solving, communication, and stakeholder engagement skills.
  • Bachelor's degree in Computer Science, Information Systems, Information Technology, Engineering, or related field. Equivalent experience may be considered.
  • Preferred Certifications: CRISC, CISM, CISSP.
  • Strong facilitation and communication abilities.
  • Ability to manage multiple priorities and deliver high-quality outputs under tight timelines.
  • Adaptability, teamwork, and growth mindset.