At PwC, our people in risk and compliance focus on maintaining regulatory compliance and managing risks for clients, providing advice and solutions. They help organisations navigate complex regulatory landscapes and enhance their internal controls to mitigate risks effectively. As a risk management generalist at PwC, you will provide advisory and practical support to teams across a wide range of specialist risk and compliance areas.
Enhancing your leadership style, you motivate, develop and inspire others to deliver quality. You are responsible for coaching, leveraging team members' unique strengths, and managing performance to deliver on client expectations. With your growing knowledge of how business works, you play an important role in identifying opportunities that contribute to the success of our Firm. You are expected to lead with integrity and authenticity, articulating our purpose and values in a meaningful way. You embrace technology and innovation to enhance your delivery and encourage others to do the same.
Skills
Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:
- Analyse and identify the linkages and interactions between the component parts of an entire system.
- Take ownership of projects, ensuring their successful planning, budgeting, execution, and completion.
- Partner with team leadership to ensure collective ownership of quality, timelines, and deliverables.
- Develop skills outside your comfort zone, and encourage others to do the same.
- Effectively mentor others.
- Use the review of work as an opportunity to deepen the expertise of team members.
- Address conflicts or issues, engaging in difficult conversations with clients, team members and other stakeholders, escalating where appropriate.
- Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements.
Major Responsibilities
- Risk Management - 60%
  - This is a matrixed position reporting into Delivery Excellence in Managed Services, while also being accountable to governing functions in One Firm Risk (Ethics & Compliance, OGC, and Independence). The role combines leadership, strategic data protection measures, and the implementation of compliance monitoring frameworks to ensure contractual, regulatory, and PwC policy requirements are consistently met across engagements.
  - Lead the testing and implementation of compliance controls and monitoring frameworks within Managed Services, ensuring alignment with PwC global/network standards, Canadian legal and regulatory requirements, and policies as defined by OFR Ethics & Compliance, OGC, and Independence functions.
  - Collaborate with IT, legal, risk and operational stakeholders to proactively align processes to applicable best practices, regulations, professional rules, local or Network Policy as defined by OFR Ethics & Compliance function and as applicable to Managed Services Engagements.
  - Prepare reporting and insights for governing functions (OFR, OGC, Independence, Ethics & Compliance) to provide visibility into compliance trends and escalate issues where needed.
  - Provide recommendations to address root causes of recurring risk trends and ensure long-term compliance improvement.
- Project Management - 30%
  - Develop and manage structured workflows, ensuring alignment with risk governance frameworks and project objectives.
  - Coordinate with OFR, Engagement teams, Delivery Excellence, OGC, Independence, and other cross-functional stakeholders to ensure the timely mitigation of compliance and operational data risks.
  - In conjunction with OGC Privacy Office, conduct engagement data risk assessments and operational risk analyses to mitigate identified gaps.
  - Prepare reporting and insights for governing functions (OFR, OGC, Independence, Ethics & Compliance) to provide visibility into compliance trends and escalate issues where needed.
  - Maintain managed services business continuity plans and coordinate supporting activities.
  - Maintain offering data risk profiles to align with new and evolving offerings through the managed services service catalogue.
- Training, Learning & Development - 10%
  - Mentor team members to develop expertise in data protection, risk identification, and controls management.
  - In conjunction with Ethics & Compliance, OGC, and L&D, deliver training sessions and workshops to promote a proactive compliance and risk culture within Managed Services teams.
  - In conjunction with Engagement teams and governing risk functions, create and maintain playbooks, standard operating procedures (SOPs), and educational materials related to compliance and data protection best practices.
Qualifications
Education & Professional Certification
- Bachelor’s degree in Law, Information Technology, Business Administration, or a related discipline is required.
- Advanced certifications such as CIPP/E, CIPP/C, CIPM, CIPT, CISSP, or ISO 27001 are strongly preferred.
- A Master’s degree in Cybersecurity, Risk Management, or related fields is considered an asset.
Work Experience
- 8+ years of experience in data protection, compliance, operational risk management, or related fields, including 3+ years in a managerial role.
- Familiarity with privacy risk assessments, regulatory reporting standards, and control frameworks within Managed Services delivery models.
- Experience leveraging automation and monitoring tools to oversee compliance efforts and identify risk trends.
- Experience in compliance monitoring, regulatory oversight, or delivery assurance functions is strongly preferred, given the role’s focus on advising, escalating, and ensuring adherence to internal and client requirements.
Technical Skills & Specialized Knowledge
- Advanced ability to design and validate controls for risk management using industry best practices and metrics-based performance tracking.
- Strong research and problem-solving skills, with a continuous improvement mindset to solve evolving challenges in compliance and privacy operations.
- Technical understanding of cybersecurity practices, including secure connectivity models, identity management, encryption, and access controls.
- Moderate familiarity with AI-driven tools and automation processes, such as Microsoft Copilot or similar solutions, used for privacy and compliance monitoring.
Communication/Interpersonal Skills
- Exceptional written and verbal communication skills to interact effectively with stakeholders, including senior leadership and global compliance teams.
- Proven ability to influence and negotiate across teams, ensuring alignment on privacy initiatives and compliance strategies.
Customer/Client Service
This role emphasizes an attitude of service excellence. The Manager will engage with internal and external stakeholders to:
- Anticipate client needs and proactively address challenges through innovative compliance solutions.
- Provide long-term risk mitigation and clear action plans aligned to Managed Services objectives.
- Act as a trusted advisor, guiding client teams on best practices in safeguarding sensitive data.
Leadership & Coaching
As the team lead for Managed Services privacy governance, this role includes:
- Acting as a subject matter expert to support decision-making across global teams.
- Providing guidance and mentorship to team members, ensuring development in compliance risk mitigation.
- Championing alignment between compliance expectations and day-to-day operations.