SATIC: Data Risk & Governance Analyst

Management Level

Senior Associate

Job Description & Summary

At PwC, our people in risk and compliance focus on maintaining regulatory compliance and managing risks for clients, providing advice, and solutions. They help organisations navigate complex regulatory landscapes and enhance their internal controls to mitigate risks effectively.

As a risk management generalist at PwC, you will provide advisory and practical support to teams across a wide range of specialist risk and compliance areas.

Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn’t clear, you ask questions, and you use these moments as opportunities to grow.

Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:

• Respond effectively to the diverse perspectives, needs, and feelings of others.
• Use a broad range of tools, methodologies and techniques to generate new ideas and solve problems.
• Use critical thinking to break down complex concepts.
• Understand the broader objectives of your project or role and how your work fits into the overall strategy.
• Develop a deeper understanding of the business context and how it is changing.
• Use reflection to develop self awareness, enhance strengths and address development areas.
• Interpret data to inform insights and recommendations.
• Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements.

About PwC SATIC and the role

We are looking for an organised, dependable and delivery-focused Senior Associate with good attention to detail to join our TAD+ (Technology, AI, Data and Third Parties) Risk Management team, with a focus on Data Risk and Governance. The Data Risk and Governance team leads the investigation and remediation of data incidents affecting the firm, alongside broader responsibilities to improve how data is handled, governed and protected across PwC UK. We work closely with teams across the business to establish the facts, coordinate remediation and control improvement and provide guidance on data incidents and related queries. When not managing live incidents, the team delivers narrative and trend analysis to senior stakeholders to improve visibility of the current risk landscape and support action to reduce risk.

Summary:

We are seeking a proactive and innovative individual to tackle complex data incidents and queries. You will collaborate across diverse teams to investigate and remediate these tasks effectively, ensuring our data and reputation are protected.

In this role:

· You will Investigate data incidents, DLP alerts and Business Continuity requests promptly, escalating them where appropriate, to maintain service continuity and protect the firm’s confidential information.

· Develop and implement processes to streamline incident responses and other data governance related processes to improve future capabilities.

· Communicate trends and insights to senior stakeholders, offering recommendations to prevent recurrence.

· Contribute to the enhancement of our incident response processes, adapting quickly to emerging threats and technologies.

· Escalate high profile incidents to senior stakeholders around the firm.

· You will not only respond to incidents but also identify opportunities to improve data handling practices and reduce the likelihood of recurrence.

Experience required:

Essential skills and experience

· Demonstrated experience in incident management, including the ability to investigate, track, manage and remediate incidents effectively.

· Strong verbal and written communication skills, with the ability to translate complex concepts into clear business language (e.g. producing incident reports and presentations).

· Confident in escalating issues to senior leadership in a timely and appropriate manner.

· Proven ability to build and maintain effective relationships with a wide range of stakeholders (e.g. Legal, Human Capital, Compliance, Data Protection, Risk Management).

· Experience in a cybersecurity or data risk environment, with a solid understanding of compliance, data protection, risk management and security best practices.

· High attention to detail, ensuring incidents are accurately tracked, regularly updated and driven through to completion.

· Able to operate effectively in a fast-paced environment, managing multiple priorities simultaneously.

· Strong analytical and inquisitive mindset, with good judgement in identifying key issues and asking the right questions.

· Good understanding of PwC’s business model, services and operating environment, particularly in relation to the firm’s risk and threat landscape.

· Understanding of the data lifecycle (create, store, use, share, dispose) and its associated risks.

· Experience working with data governance frameworks, policies and controls.

· Ability to assess data handling risks within business processes and recommend improvements.

· Experience supporting or embedding controls and driving behavioural change within organisations.

Responsibilities of role:

Key responsibilities

· Investigate and respond to data incidents, DLP alerts and Business Continuity requests, working with LoS RM contacts, the Data Loss Team and other stakeholders to minimise impact and ensure appropriate handling, protection and use of sensitive data.

· Support incident remediation and control improvement activities, ensuring effective resolution and support across the firm.

· Analyse incident trends to identify root causes, recommend preventative measures, and drive improvements in data handling practices.

· Communicate insights, risk assessments and recommendations clearly to senior stakeholders.

· Develop and maintain incident response and data governance processes to strengthen organisational readiness.

· Promote a culture of good data handling and security awareness through training and stakeholder engagement.

· Ensure compliance with regulatory, legal and internal standards across all data incident and governance activities.

· Support the development and implementation of data governance frameworks, standards and controls.

· Conduct data risk assessments and control reviews, identifying systemic weaknesses and recommending improvements.

· Partner with LoS teams to improve data classification, storage, sharing and overall data management practices

. · Contribute to governance policies, documentation and broader initiatives to enhance data management across the firm.

Desirable skill sets include:

· Experience using an IT ticketing system such as ServiceNow.

· Experience handling live incidents which require timely remediation and closure.

· Knowledge of GDPR (Data Protection Act) which outlines personal data rules and regulations.

· Knowledge of Data Governance and Data Management.

· Knowledge of how to handle sensitive client and firm data.

· Ability to confidently speak to senior management in a professional manner under high stress scenarios.

Travel Requirements

Up to 20%

Available for Work Visa Sponsorship?

No

Job Posting End Date

June 30, 2026