Managed Services - ICyber Risk & ESG Integration Specialist - Associate - Operate

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In cybersecurity incident management at PwC, you will focus on effectively responding to, and mitigating, cyber threats, maintaining the security of client systems and data. You will be responsible for identifying, analysing, and resolving security incidents to minimise potential damage and protect against future attacks. Driven by curiosity, you are a reliable, contributing member of a team. In our fast-paced environment, you are expected to adapt to working with a variety of clients and team members, each presenting varying challenges and scope. Every experience is an opportunity to learn and grow. You are expected to take ownership and consistently deliver quality work that drives value for our clients and success as a team. As you navigate through the Firm, you build a brand for yourself, opening doors to more opportunities. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Apply a learning mindset and take ownership for your own development. Appreciate diverse perspectives, needs, and feelings of others. Adopt habits to sustain high performance and develop your potential. Actively listen, ask questions to check understanding, and clearly express ideas. Seek, reflect, act on, and give feedback. Gather information from a range of sources to analyse facts and discern patterns. Commit to understanding how the business works and building commercial awareness. Learn and apply professional and technical standards (e.g. refer to specific PwC tax and audit guidance), uphold the Firm's code of conduct and independence requirements. Associate Qualifications Cyber Risk & ESG Integration Specialist Job Description 2–5 years of experience in cybersecurity, governance, risk management, or digital strategy. Familiarity with ESG (Environmental, Social, and Governance) frameworks and how cybersecurity fits within corporate ESG strategies. Strong understanding of security frameworks (e.g., NIST, ISO 27001, MITRE ATT&CK). Experience with cyber tools (e.g., SIEM, threat intelligence platforms, GRC solutions). Analytical mindset with proficiency in data analysis and risk modeling. Strong communication and stakeholder engagement skills. Relevant certifications (e.g., CISSP, CISM, CEH, GSEC) are a plus. Experience with DevSecOps or secure software development practices. Knowledge of AI/ML applications in cybersecurity. Senior Associate Qualifications 5-7 years of experience in cybersecurity, governance, risk management, or digital strategy. Familiarity with ESG (Environmental, Social, and Governance) frameworks and how cybersecurity fits within corporate ESG strategies. Strong understanding of security frameworks (e.g., NIST, ISO 27001, MITRE ATT&CK). Experience with cyber tools (e.g., SIEM, threat intelligence platforms, GRC solutions). Analytical mindset with proficiency in data analysis and risk modeling. Strong communication and stakeholder engagement skills. Relevant certifications (e.g., CISSP, CISM, CEH, GSEC) are a plus. Experience with DevSecOps or secure software development practices. Knowledge of AI/ML applications in cybersecurity. Key Responsibilities Support the design, implementation, and optimization of cyber development initiatives aligned with eSG strategic priorities. Conduct gap analyses and risk assessments to identify improvement opportunities in cyber governance, controls, and threat mitigation. Assist in the development and refinement of cybersecurity frameworks, policies, and digital trust strategies. Monitor emerging cyber threats, technologies, and regulatory requirements to ensure proactive compliance and defense. Collaborate with cross-functional teams (e.g., IT, legal, compliance, risk) to align cybersecurity goals with business objectives. Develop dashboards, KPIs, and metrics to track cybersecurity program effectiveness and reporting. Contribute to incident response planning and post-event reviews to improve cyber incident readiness. Support training and awareness programs for stakeholders on cybersecurity and digital governance topics. Show more Show less