Manager - Cybersecurity - GRC - Toulouse - M/F


Job Description

PwC's cybersecurity team, built over ten years, focuses on competence, relevance (technological or not), and international reach. In Toulouse, they help clients transform risk into strategic advantage, working in key regional sectors (aeronautics, space, defense, energy, banking/insurance, public sector). As a Manager, you will play a key role in developing PwC's GRC activity, intervening in risk analysis and management, compliance implementation, and cyber governance and transformation. You will also be involved in delivery, project management, and business development.
Must Have:
  • Conduct risk analyses (EBIOS RM, ISO 27005, NIST RMF, etc.).
  • Define and monitor indicators / KRIs for critical risks and remediations.
  • Challenge risk / cost / deadline trade-offs with business / IT / CISO departments.
  • Perform compliance diagnostics and establish associated implementation plans (e.g., ISO 27001, DORA, NIS2, GDPR, etc.).
  • Pilot the implementation of corrective measures and prepare internal audits.
  • Build or strengthen governance frameworks (security policies, roles & responsibilities, essential processes, committees, KPIs, and reporting).
  • Define or deploy transformation plans, including security roadmaps and culture promotion.
  • Support security-business integration: ensuring that cybersecurity is a decision-making lever, not a hindrance.
  • Co-facilitate workshops and structure deliverables (scoping notes, presentations, risk matrices, security policies, dashboards, etc.).
  • Present recommendations to clients (CISO, CIO, steering committee, business).
  • Supervise and mentor consultants.
  • Contribute to GRC capitalization in Toulouse (models, tools, lessons learned).
  • Contribute to business development: identifying opportunities, client retention, account development, responding to RFPs, preparing commercial proposals, building new offers.
  • 6 to 10 years of experience in GRC (ideally acquired in a consulting firm or a large group).
  • Solid command of standards and regulations: ISO 27001 / 27005, DORA, NIS2, GDPR, ISO 22301, EBIOS RM, NIST CSF.
  • Proven experience in GRC program management: diagnosis, roadmap, implementation, indicators, budget tracking.
  • Ability to support steering committees, lead strategic workshops, and influence CISO / CIO / business decisions.
  • Excellent written and oral communication, pedagogical sense, and leadership.
  • Interest in team development and knowledge transfer.
  • Aptitude for business development, proposal writing, and participation in pre-sales.
  • Proficiency in English (C1 level recommended).
Perks:
  • Flexibility with the FlexWork charter: extended teleworking, geographical mobility, FlexTime, Dress for your day.
  • Crystal Park (Neuilly-sur-Seine site): 2-hectare private park, concierge, music room, gym, Café Joyeux.
  • International mobility and internal mobility after 12 months of seniority.
  • New World. New Skills program to develop skills on tomorrow's challenges (ESG, technologies, diversity and inclusion) and access to an on-demand training platform.
  • 3 days credit per year on working time for societal engagement missions.
  • Sustainable mobility pass to cover your sustainable mobility expenses.
  • Be Well, Work Well program to take care of your health (Gymlib partnership, United heroes application, sports associations, mindfulness training).
  • Family Care program to support you in your parenting projects as well as in difficult times.
  • RTT (Reduction of Working Time), health and provident insurance, company restaurants and meal vouchers, benefits from the Inter-Company Committee.
  • All offers are open to people with disabilities.


Job Description & Summary

Offer Presentation

Cybersecurity at PwC is above all an adventure: that of a team built over more than ten years on legitimacy earned through constant effort in competence and relevance (technological or otherwise), and on international reach.

It also involves tailor-made approaches and tools to meet the needs of demanding but loyal clients. And it is a strong, committed, and supportive team in which everyone can develop skills, initiatives, and a rich perspective on a complex subject.

At the Toulouse office, we help our clients transform risk into a strategic advantage. We operate in key sectors of the region (aeronautics, space, defense, energy, banking/insurance, public sector) to co-build security, compliance, and resilience systems that last over time and support our clients in their transformation challenges.

As a Manager, you will play a key role in the development of PwC's GRC activity. You will be involved in:

1. Risk Analysis & Management

  • Conduct risk analyses (EBIOS RM, ISO 27005, NIST RMF, etc.): asset collection, definition of concrete attack scenarios, impact and likelihood assessment.
  • Define & monitor indicators / KRIs: critical risks, trends, remediation tracking.
  • Challenge risk / cost / deadline trade-offs with business / IT / CISO departments.

2. Compliance Implementation

  • Perform compliance diagnostics and establish associated implementation plans (e.g., ISO 27001, DORA, NIS2, GDPR, etc.).
  • Pilot the implementation of corrective measures: setting up controls, formalizing procedures on key issues (risk management, vulnerability management, security incident management, etc.), collecting evidence, preparing and conducting internal audits.

3. Governance & Cyber Transformation

  • Build or strengthen governance frameworks (security policies, roles & responsibilities, essential processes, committees, KPIs, and reporting).
  • Define or deploy transformation plans: building the security roadmap, raising awareness and engaging employees, promoting a risk culture.
  • Support security-business integration: ensuring that cybersecurity is a decision-making lever, not a hindrance.

4. Delivery, Management and Business Development

  • Co-facilitate workshops and structure deliverables (scoping notes, presentations, risk matrices, security policies, dashboards, etc.).
  • Present your recommendations to clients (CISO, CIO, steering committee, business).
  • Supervise and mentor consultants.
  • Contribute to GRC capitalization in Toulouse (models, tools, lessons learned).
  • Contribute to business development: identification of business opportunities, client retention and mission follow-up, account development, responses to calls for tenders, preparation of commercial proposals, construction of new offers.

What we expect from you:

  • 6 to 10 years of experience in GRC (ideally acquired in a consulting firm or a large group).
  • Solid command of standards and regulations: ISO 27001 / 27005, DORA, NIS2, GDPR, ISO 22301, EBIOS RM, NIST CSF.
  • Proven experience in GRC program management: diagnosis, roadmap, implementation, indicators, budget tracking.
  • Ability to support steering committees, lead strategic workshops, and influence CISO / CIO / business decisions.
  • Excellent written and oral communication, pedagogical sense, and leadership.
  • Interest in team development and knowledge transfer.
  • Aptitude for business development, proposal writing, and participation in pre-sales.
  • You are proficient in English (C1 level recommended), essential in an international environment.

The benefits we offer

Work Environment and Flexibility

  • Flexibility with the FlexWork charter: extended teleworking, geographical mobility, FlexTime, Dress for your day.
  • Crystal Park (Neuilly-sur-Seine site): 2-hectare private park, concierge, music room, gym, Café Joyeux.

Development

  • International mobility and internal mobility after 12 months of seniority.
  • New World. New Skills program to develop skills on tomorrow's challenges (ESG, technologies, diversity and inclusion) and access to an on-demand training platform.

Commitment

  • 3 days credit per year on working time for societal engagement missions.
  • Sustainable mobility pass to cover your sustainable mobility expenses.

Health/Well-being

  • Be Well, Work Well program to take care of your health (Gymlib partnership, United heroes application, sports associations, mindfulness training).
  • Family Care program to support you in your parenting projects as well as in difficult times.

Also: RTT, health and provident insurance, company restaurants and meal vouchers, benefits from the Inter-Company Committee…

All our offers are open to people with disabilities.
