Senior Associate Supply Chain Cyber Security Specialist Cyber Risk Advisory

Line of Service

Advisory

Industry / Sector

Not Applicable

Specialism

Cybersecurity & Privacy

Management Level

Senior Associate

Your team :

As a Senior Associate in our Cybersecurity and Privacy team you will play a key role in delivering and growing our supply chain cyber risk capability across all sectors of clients. You will help our clients strengthen their third‑party cyber risk management programmes comply with evolving regulatory expectations such as DORA NIS2 and respond to emerging threats across complex global supply chains.

This is a growth‑focused role supporting engagements across multiple financial services and non‑financial services clients many of which are part of multi‑year transformation programs. You will work alongside experienced leaders and subject matter experts with opportunities to shape go‑to‑market offerings drive delivery excellence and coach junior team members.

This role is ideal for someone looking to sit at the intersection of cybersecurity and supply chain and be part of a forward‑thinking team building the next generation of cyber risk services.

As part of the Cybersecurity and Privacy team of PwC Switzerland you will work on :

• Delivering client engagements focused on supply chain cyber security third‑party risk and compliance with DORA NIS2 and related regulations across industries;
• Designing and implementing supplier segmentation cyber risk assessments, control testing, continuous monitoring and incident response processes as part of broader Supplier Risk and ITGRC transformations;
• Collaborating with clients to define and operationalise future‑state Third‑Party Risk Management (TPRM) operating models including roles and responsibilities, escalation paths and response plans;
• Building AI‑augmented TPRM capabilities and workflows leveraging platforms such as ServiceNow, ProcessUnity, BitSight, RiskRecon and SecurityScorecard including tooling configuration and integrations;
• Developing pragmatic recommendations and roadmaps to improve cyber risk governance, continuous monitoring and incident/issue management across the third‑party lifecycle;
• Leading and contributing to workshops, reporting and executive‑ready presentations for CISO, CIO, Risk, Compliance and Procurement stakeholders;
• Supporting internal capability building, contributing to thought leadership, market propositions, proposal responses and account expansion initiatives; and
• Coaching and mentoring junior team members while fostering a high‑performance inclusive team culture.

We are looking for a Senior Associate who embodies our core values and brings a strong background in cyber security :

• You have at minimum 5 years of relevant experience in cybersecurity third‑party risk or supply chain risk management.
• You have a masters or bachelors degree or an equivalent professional qualification in business administration or computer science. Additional certificates such as CISM, CRISC, ISO 27001 Lead Implementer, CISSP are a plus.
• Proven experience working with financial services clients ideally within regulatory‑driven engagements (e.g. DORA NIS2).
• Strong understanding of supply chain cybersecurity frameworks, supplier risk segmentation, control testing and cyber risk quantification.
• Familiarity with supply chain risk platforms such as ProcessUnity, ServiceNow, BitSight, RiskRecon or equivalent.
• Excellent communication stakeholder engagement and client‑facing skills.
• You have strong verbal and written communication skills to interact effectively with all levels of management and staff.
• You are fluent in English and (ideally) also in German and / or French.
• You have a high degree of initiative, self‑organisation and sense of responsibility.

• Accepting Feedback
• Active Listening
• Agile Methodology
• Analytical Thinking
• Azure Data Factory
• Communication
• Creativity
• Cybersecurity
• Cybersecurity Framework
• Cybersecurity Policy
• Cybersecurity Requirements
• Cybersecurity Strategy
• Embracing Change
• Emotional Regulation
• Empathy
• Encryption Technologies
• Inclusion
• Intellectual Curiosity
• Learning Agility
• Managed Services
• Optimism
• Privacy Compliance Regulatory Response Security Architecture
• 8 more

• Procurement
• Lawson
• SAP
• Supply Chain Experience
• SAP APO
• SAP Supply Chain Management
• Production Planning
• SAP ERP
• ERP Systems
• Logistics
• Manufacturing
• MRP

Full‑Time

years

1