Cyber Security Consultant | Senior Associate 2 [tag01]
PwC
Job Summary
At PwC, our cybersecurity professionals focus on protecting organizations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to protect sensitive data. As a cybersecurity generalist at PwC, you will focus on delivering comprehensive security solutions and expertise across various domains, ensuring the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to effectively address different security challenges.
Must Have
- Conduct cybersecurity maturity diagnostics using frameworks like NIST CSF 2.0, CIS Controls, ISO/IEC 27001.
- Support and lead cyber risk assessments, mapping processes, assets, and controls.
- Structure action plans with technical and strategic recommendations for risk mitigation.
- Act as project PMO, ensuring organization, schedule, and delivery monitoring.
- Facilitate interactions with internal areas and clients, organizing meetings and tactical alignments.
- Support the creation of executive presentations and technical reports.
- Actively participate in internal consulting rituals and contribute to offer evolution.
- Completed higher education in IT, Engineering, Information Systems, Administration, or related fields.
- Minimum 2 years of experience in information security consulting or risk management.
- Experience with frameworks and best practices like NIST, ISO 27001, CIS Controls, COBIT.
- Experience in process mapping, control evaluation, and defining security action plans.
- Solid written and verbal communication skills for technical and executive interactions.
- Organization, sense of priority/urgency, and quality-delivery oriented profile.
Good to Have
- Certifications like ISO 27001 Foundation, CompTIA Security+, CISM, PMP or equivalents.
- Experience with agile project management (Scrum, Kanban, etc.).
- Intermediate or advanced English, especially reading and writing.
- Proficiency in Excel for data analysis, evidence organization, and structured reports.
- Analytical capacity and structured logical reasoning.
- Skills in building executive materials in PowerPoint with storytelling.
Job Description
Job Description & Summary
At PwC, our cybersecurity people focus on protecting organizations against cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to protect sensitive data.
As a cybersecurity generalist at PwC, you will focus on delivering comprehensive security solutions and expertise across various domains, ensuring the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to effectively address different security challenges.
Main Responsibilities
- Conduct cybersecurity maturity diagnostics based on frameworks such as NIST CSF 2.0, CIS Controls, ISO/IEC 27001 and similar;
- Support and lead cyber risk assessments, mapping processes, assets, and controls related to cyber resilience and business continuity;
- Structure action plans with technical and strategic recommendations aimed at risk mitigation and maturity increase;
- Act as project PMO, ensuring organization, schedule, delivery monitoring, and communication with stakeholders;
- Facilitate interactions with internal areas and clients, organizing meetings, tactical alignments, and support in building documentary deliverables;
- Support the construction of executive presentations and technical reports;
- Actively participate in internal consulting rituals and contribute to the evolution of offers and methods.
Mandatory Requirements
- Completed higher education in areas such as Information Technology, Engineering, Information Systems, Administration, or related fields;
- Minimum of 2 years of practical experience in information security consulting, risk management, or cybersecurity projects;
- Experience with frameworks and best practices such as NIST, ISO 27001, CIS Controls, COBIT or similar;
- Experience in process mapping, control evaluation, and definition of security action plans;
- Solid written and verbal communication skills for interactions with technical and executive areas;
- Organization, sense of priority/urgency, and a profile oriented towards quality deliveries.
Desirable Differentiators
- Certifications such as ISO 27001 Foundation, CompTIA Security+, CISM, PMP or equivalents;
- Experience with agile project management (Scrum, Kanban, etc.);
- Intermediate or advanced English, especially reading and writing to deal with frameworks, technical materials, and international clients;
- Proficiency in Excel for data analysis, organization of evidence, and structured reports;
- Analytical capacity and structured logical reasoning;
- Skills in building executive materials in PowerPoint, with mastery of storytelling strategies and logical structuring to present analyses, diagnostics, and recommendations in a clear, decision-oriented way.
Hybrid work arrangement
Location: Barueri/SP.