GRC & Cloud Security Analyst

Established in the region for 40 years, PwC has around 12,000 people in 12 countries across the region: Bahrain, Egypt, Iraq, Jordan, Kuwait, Lebanon, Libya, Oman, the Palestinian territories, Qatar, Saudi Arabia and the United Arab Emirates.

Our regional team operates across the Middle East bringing international experience delivered within the context of the region and its culture. We can bring the collective knowledge and experience of more than 370,000 people across the entire global PwC network in advisory, assurance and tax to help you find the value you are looking for.

At PwC, our people in managed services focus on a variety of outsourced solutions and support clients across numerous functions. These individuals help organisations streamline their operations, reduce costs, and improve efficiency by managing key processes and functions on their behalf. They are skilled in project management, technology, and process optimization to deliver high-quality services to clients.

Those in managed service management and strategy at PwC will focus on transitioning and running services, along with managing delivery teams, programmes, commercials, performance and delivery risk. Your work will involve the process of continuous improvement and optimising of the managed services process, tools and services.

Established in the region for over 40 years, PwC Middle East employs over 6,000 people across 12 countries: Bahrain, Egypt, Iraq, Jordan, Kuwait, Lebanon, Libya, Oman, Qatar, Saudi Arabia, Palestine and the United Arab Emirates. Complementing our depth of industry expertise and breadth of skills is our sound knowledge of local business environments across the Middle East region. Our tailored solutions help our clients meet the challenges and opportunities of doing business in the Middle East market, and beyond.

A career in our Cyber technology services will allow you to work under the supervision of cyber cybersecurity leadership within the Cyber business unit consulting practice. Use strategic business consulting skills to work with clients through all stages of strategy‑based transformation projects. Provide support on client assignments that help to develop a strategy and then refocus an organization on making that strategy a reality. We are a growing team and looking for dynamic, flexible, proactive and hardworking consultants who have a passion for shaping cybersecurity positively in the GCC over the coming years. We have a strong pipeline of large, transformational opportunities with our clients which will provide great opportunities for all our people to step up and play significant and rewarding roles in an entrepreneurial and innovation driven environment.

As a Senior Associate, you’ll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

Work under the supervision of cybersecurity leadership within the Cyber & Digital Trust business unit consulting practice.

Support in the design and development of cybersecurity programs in different domains including the development of strategy, GRC, architecture, identity and access management and cybersecurity solutions based on leading practices such as NIST, CIS, ISO27001 and others.

Support the development and implementation of cybersecurity governance, risk and compliance frameworks aligned with NIST CSF, ISO 27001, CIS Controls, and local GCC regulatory requirements (e.g., NCA, SAMA, NESA, TDRA, NDMO).

Conduct cybersecurity risk assessments, maturity assessments, and gap analyses to benchmark client capabilities against industry standards and regulatory expectations.

Develop and refine cybersecurity policies, procedures, standards, and guidelines ensuring alignment with business objectives, compliance mandates and leading practices.

Support audit readiness and certification efforts for frameworks such as ISO 27001 and other related standards.

Design of cybersecurity strategies and roadmaps that balance risk management, business enablement, and digital transformation goals.

Work closely with cross‑functional teams to define target operating models for cybersecurity functions, including governance structures, roles, and performance indicators.

Develop and execute cybersecurity awareness and culture programs. This includes designing tailored awareness campaigns, executive briefings, training programs, and behavior‑change initiatives to foster a culture of digital trust and resilience.

Assist in the design of target technical security architecture for clients with deep understanding and analysis of emerging cybersecurity solutions including, but not limited to, threat intelligence, anti‑advanced persistent threats, DLP, SIEM, next generation firewalls, analytics, enterprise incident response and others.

Support in the implementation of cybersecurity solutions at client premises and be able to work closely with security vendors and system integrators.

Communicate effectively (both verbal and writing) with executives, IT personnel, executives, and business users communities, translating complex cybersecurity concepts into actionable insights.

Support in coordinating, facilitating, and making presentations.

Support in business development activities, including preparation of technical and financial proposals and participation in client pursuits.

Work with colleagues across PwC Middle East offices on client engagements and internal initiatives as well as with international teams.

Conduct research on emerging cybersecurity technologies and disseminate knowledge to Cyber & Digital Trust consultants and clients where required.

Assist in developing new service offerings for the Cyber & Digital Trust business unit.

Build deep understanding of regional cybersecurity themes and trends, particularly those impacting clients in government, financial services, energy, and critical infrastructure. Work collaboratively with other cybersecurity experts to shape the future of our clients and to bring about positive change.

You will have access to all of the latest training and development tools and the support of the wider PwC network.

Strong understanding of emerging cybersecurity technologies and standards.

Experience in cybersecurity strategy development, operating model design, culture transformation, as well as cybersecurity governance, risk and compliance management.

Experience interpreting and applying GCC regulatory frameworks (NCA, SAMA, NESA, PDPL, etc.) and international leading practices (ISO 27001, NIST CSF, etc.).

Special experience in identity and access management, SIEM/SOC, security architecture, cloud and DLP is a plus.

Achievement oriented with the ability to be flexible and adaptive on a daily basis.

Excellent organisational skills, having the ability to prioritise workload whilst being resilient and able to cope well under pressure and meet tight deadlines.

Excellent problem solving skills with a structured thinking process.

Strong connections and relationships with clients in Saudi Arabia and the UAE is a plus.

Strong time‑management and organizational skills.

Ability to learn new concepts and carry out technical research.

Proven IT skills in Microsoft Office and G‑suite applications.

Language Skills: Excellent communication skills (verbal and written) in English (Arabic is a plus).

The ability and willingness to travel within the Middle East is a MUST.

Education: B.A/ B.Sc. in Computer Engineering or related field. M.Sc. in Computer Engineering or related field is preferred.

Candidates are expected to hold or be actively pursuing one or more of the globally recognized certifications relevant to Cybersecurity, Digital Trust and Project Management.

• 1-3 Years of experience

• N/A

Other skill sets: Data Quality Automation, Digital Transformation, Project Delivery, Business Process Improvement, Workflow Automation, Empathy, Delivery Excellence, Operations Strategy, Managed Services, Design Automation, Business Transformation, Budgetary Management, Automation, Workforce Planning, Well Being, Teamwork, Process Improvement, Business Process Outsourcing, Service Level Management, Service Management, Automation Solutions, Operational Performance Management (OPM), Accepting Feedback, Inclusion, Business Process Automation (BPA), Process Performance Analysis, Continuous Process Improvement, Troubleshooting Performance, Intellectual Curiosity, Active Listening, Stakeholder Engagement, Risk Documentation, Service Delivery, Timely Delivery, Operational Risk Management, Operational Excellence, Emotional Regulation, Optimism, Project Management, Automation Framework Design and Development, Project Planning, Communication, Process Optimization, Deliverable Planning.

Tagged as: Associate, IFS - Internal Firm Services - Other, MID Internal Firm Services