IT Governance, Risk and Compliance Consultant

IT Governance, Risk and Compliance Consultant At PwC, we focus on creating a promising future where trust and innovation go side by side. Do you want to face this challenge with us? PwC Services Portugal (PSP) is a joint venture between PwC Luxembourg and PwC Portugal, serving as an integral extension of PwC Luxembourg. Our growing team operates as an acceleration center supporting PwC Luxembourg’s clients. Leveraging a unique pool of talented professionals based in Matosinhos, our operating model ensures scalability, consistency, and quality in service delivery by integrating seamlessly into PwC Luxembourg’s operations and addressing talent attraction challenges sustainably. The role - IT Governance, Risk and Compliance Consultant As an IT Governance Risk and Compliance Consultant, you will support the effective implementation and operation of the IT Governance, Risk, and Compliance framework across the IT organization. You will contribute to risk management, compliance monitoring, policy maintenance, and audit support activities, helping to ensure alignment with internal standards and regulatory requirements. Your main responsibilities will include, but are not limited to: Support the IT organization in maintaining compliance with internal policies, regulatory requirements, and firm standards Coordinate the documentation, review, and update of IT policies, processes, and procedures with IT stakeholders Support in IT risk assessments through the identification, analysis, and documentation of IT‑related risks and vulnerabilities across systems, infrastructure, and operations Maintain and strengthen a central database of risks, controls and action plan of the various IT audit frameworks Monitor IT risks and controls effectiveness, collect evidence and escalate deviations or issues as appropriate Provide IT risk, controls and compliance reports, dashboards, and summaries for management and stakeholders Assist in the internal and external IT audits journey Work closely with IT stakeholders to ensure in a timely manner the implementation of corrective actions arising from audit findings and risk assessments Contribute to GRC awareness initiatives and training activities.