Line of Service
Internal Firm Services
Industry/Sector
Not Applicable
Specialism
IFS - Information Technology (IT)
Management Level
Manager
Job Description & Summary
PwC Luxembourg is hiring an IT Governance, Risk and Compliance (GRC) Specialist M/F/D. What if it was you?
Who we are: PwC Luxembourg (www.pwc.lu) is the largest professional services firm in Luxembourg with over 3,800 people employed from 90 different countries. PwC Luxembourg provides audit, tax and advisory services including management consulting, transaction, financing and regulatory advice. The firm provides advice to a wide variety of clients from local and middle market entrepreneurs to large multinational companies operating from Luxembourg and the Greater Region. The firm helps its clients create the value they are looking for by contributing to the smooth operation of the capital markets and providing advice through an industry-focused approach.
At PwC, our purpose is to build trust in society and solve important problems. We’re a network of firms in 149 countries with more than 370,000 people who are committed to delivering quality in assurance, advisory and tax services. Find out more and tell us what matters to you by visiting us at www.pwc.com and www.pwc.lu.
Be a part of our team where you will:
Ensure the IT organization remains compliant with internal standards, regulatory requirements, and industry best practices;
Act as a custodian of IT GRC frameworks, ensuring consistency and adherence across the organization;
Define, develop, document and maintain IT policies, processes, and procedures to align with organizational objectives and regulatory requirements;
Perform IT risk assessments to identify, analyze, and mitigate IT-related risks and vulnerabilities across the systems, infrastructure and operations;
Monitor key risk indicators and recommend actionable strategies to address deviations effectively, contributing to enhanced risk posture;
Prepare risk and compliance reports for management and stakeholders, offering actionable insights to support informed decision-making;
Coordinate and support the execution of internal and external IT audits, tracking audit issues and ensuring timely remediation;
Collaborate with IT and business teams to implement corrective actions and drive continuous improvement based on audit findings and risk assessments;
Develop and deliver training on GRC topics, policies, and procedures to staff, fostering a culture of compliance and awareness throughout the organization;
Stay updated on emerging technologies, threats, regulatory changes, and industry trends to proactively address risks and opportunities.
Let’s talk about you. If you...
Hold at least a bachelor’s degree in IT or equivalent and a minimum of 3 to 5 years of experience in IT GRC, IT security, or related fields with a proven track record of supporting GRC initiatives, audits, and compliance programs;
Show demonstrated experience conducting comprehensive risk assessments, including the identification, evaluation, and mitigation of IT-related risks;
Have practical knowledge of compliance management and IT auditing processes, including vulnerability assessments and the development of effective risk treatment plans;
Understand relevant regulatory requirements (e.g., GDPR, DORA, CSSF Circulars, etc.) with the ability to ensure organizational adherence to these standards;
Have practical experience working with IT governance frameworks such as COBIT, ITIL, and other compliance and risk management frameworks;
Possess strong analytical skills to assess complex IT risk and compliance issues, develop solutions, and implement changes effectively;
Show proficiency in implementing, monitoring, and maintaining IT governance and compliance controls within complex IT environments;
Have exceptional attention to detail, especially when reviewing policies, controls, and risk assessments, ensuring thoroughness and accuracy;
Have excellent written and verbal communication skills, with the ability to present complex GRC topics clearly to both technical and non-technical stakeholders;
Show proven ability to manage multiple tasks and projects efficiently, meeting deadlines while maintaining high-quality and compliance standards;
Have strong interpersonal skills with a team-oriented mindset, fostering collaboration across departments to achieve GRC objectives;
Are fluent in English and French, with the ability to work effectively in multicultural and multilingual environments.
Certifications (preferably, you hold one or more of the following):
ISO/IEC 27001 Lead Implementer/Lead Auditor
ITIL Foundation
COBIT 2019
CRISC (Certified in Risk and Information Systems Control)
CISSP (Certified Information Systems Security Professional)
CISM (Certified Information Security Manager)
CISA (Certified Information Systems Auditor)
…You are the candidate we are looking for!
A final word about us:
At PwC, we believe diversity is the representation of all the characteristics that make us both alike and unique. Our backgrounds, cultures, nationalities, lifestyles, identities, opinions and beliefs, approaches to solving problems, ways of working, and views of personal and professional success, all add value to the services we deliver to our clients. Our objective is to nurture an inclusive environment where a diversity mindset is ingrained, and inclusion is the norm. We constantly focus on respecting and valuing individual differences.
Ready to grow your potential, reaching excellence together? Apply now!
Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required:
Degrees/Field of Study preferred:
Certifications (if blank, certifications not specified)
Required Skills
Optional Skills
Accepting Feedback, Active Listening, Analytical Thinking, Auditing Methodologies, Coaching and Feedback, Communication, Continuous Process Improvement, Creativity, Embracing Change, Emotional Regulation, Empathy, Fault Analysis, Inclusion, Intellectual Curiosity, Internal Controls, Issue Management, IT Audit, IT Performance Management, Learning Agility, Optimism, Performance Monitor, Process Improvement, Professional Courage, Quality Assurance Metrics {+ 16 more}
Desired Languages (If blank, desired languages not specified)
Travel Requirements
Not Specified
Available for Work Visa Sponsorship?
No
Government Clearance Required?
No
Job Posting End Date