At PwC, we focus on creating a promising future where trust and innovation go side by side. Do you want to face this challenge with us?PwC Services Portugal (PSP) is a joint venture between PwC Luxembourg and PwC Portugal, serving as an integral extension of PwC Luxembourg. Our growing team operates as an acceleration center supporting PwC Luxembourg's clients. Leveraging a unique pool of talented professionals based in Matosinhos, our operating model ensures scalability, consistency, and quality in service delivery by integrating seamlessly into PwC Luxembourg's operations and addressing talent attraction challenges sustainably.The role - Governance, Risk and Compliance ConsultantResponsibilitiesAs a GRC Consultant, you will help organisations to define and implement security measures to protect them against these evolving cyber threats to ultimately support them in achieving their business objectives. Your main responsibilities will include, but are not limited to:Define and implement information security governance framework including policies, procedures, standards, baselines, roles and responsibilities Monitor and analyse security systems to identify potential threats and vulnerabilities and support for the implementation of mitigation measures Assist our clients Information Security Officers or IT Security Officers in their day-to-day operations Configure and maintain security tools and systems for our clients' operations Participate in assignment to conduct risk assessment on organisations' business processes, new and existing IT systems Define key risk indicators (KRIs) and key performance indicators (KPIs) to effectively monitor risks Define and implement cybersecurity roadmap supporting our clients to identify their priorities, implementation costs, potential for tooling Support our clients in their transformation journey following Digital Operational Resilience Act or NIS2 requirements.Your profileBSc or MSc in Information Technology, Computer Science, or a related field At least one year of professional experience in Information Security or Cybersecurity with a background in Security Compliance and IT Risk Management Previous experience or exposure to regulatory requirements such as DORA, NIS2, EBA, CSSF and GDPR Solid proof and knowledge in Risk Management elements such as threats, vulnerabilities, risk appetite, risk tolerance and risk profile Certifications such as ISO 27001, CISA, CISSP or GSTRT would be considered an advantage Fluent in both written and spoken English and Portuguese.We believe that success lies in people and in your willingness to push boundaries. If this resonates with you, you've found your place. It's time to bring your expertise to the 'Team PwC' and drive impactful change.We spark curiosity so you can do inspiring work.Grow here. Go further.#J-18808-Ljbffr