Senior Associate - Supply Chain Cyber Security Specialist - Cyber Risk Advisory

Senior Associate - Supply Chain Cyber Security Specialist - Cyber Risk Advisory

Join to apply for the Senior Associate - Supply Chain Cyber Security Specialist - Cyber Risk Advisory role at PwC Switzerland.

As a Senior Associate in our Cybersecurity and Privacy team, you will play a key role in delivering and growing our supply chain cyber risk capability across all sectors of clients. You will help our clients strengthen their third‑party cyber risk management programs, comply with evolving regulatory expectations such as DORA, NIS2, and respond to emerging threats across complex, global supply chains.

This is a growth‑focused role, supporting engagements across multiple financial services and non‑financial services clients, many of which are part of multi‑year transformation programs.

• Delivering client engagements focused on supply chain cyber security, third party risk, and compliance with DORA, NIS2, and related regulations across industries.
• Designing and implementing supplier segmentation, cyber risk assessments, control testing, continuous monitoring, and incident response processes as part of broader Supplier Risk and IT GRC transformations.
• Collaborating with clients to define and operationalize future state Third Party Risk Management (TPRM) operating models, including roles and responsibilities, escalation paths, and response plans.
• Building AI augmented TPRM capabilities and workflows leveraging platforms such as Service Now, Process Unity, Bit Sight, Risk Recon, and Security Scorecard, including tooling configuration and integrations.
• Developing pragmatic recommendations and roadmaps to improve cyber risk governance, continuous monitoring, and incident/issue management across the third party lifecycle.
• Leading and contributing to workshops, reporting, and executive ready presentations for CISO, CIO, Risk, Compliance, and Procurement stakeholders.
• Supporting internal capability building, contributing to thought leadership, market propositions, proposal responses, and account expansion initiatives.
• Coaching and mentoring junior team members while fostering a high performance, inclusive team culture.

• You have at minimum 5 years of relevant experience in cybersecurity, third‑party risk, or supply chain risk management.
• You have a master's or bachelor's degree or an equivalent professional qualification in business administration or computer science. Additional certificates such as CISM, CRISC, ISO 27001 Lead Implementer, CISSP are a plus.
• Proven experience working with financial services clients, ideally within regulatory‑driven engagements (e.g., DORA, NIS2).
• Strong understanding of supply chain cybersecurity frameworks, supplier risk segmentation, control testing, and cyber risk quantification.
• Familiarity with supply chain risk platforms such as Process Unity, Service Now, Bit Sight, Risk Recon, or equivalent.
• Excellent communication, stakeholder engagement, and client‑facing skills.
• You have strong verbal and written communication skills to interact effectively with all levels of management and staff.
• You are fluent in English and (ideally) also in German and/or French.
• You have a high degree of initiative, self‑organisation and sense of responsibility.

Patricia Santos

At PwC Switzerland, we help clients build trust and reinvent so they can turn complexity into competitive advantage. We're part of a tech‑forward, people‑empowered network and help clients build, accelerate and sustain momentum across audit, assurance, tax, legal, workforce, deals and consulting.

Seniority level:
Associate

Employment type:

Full‑time
Job function:
Consulting
Industries:
Business Consulting and Services