Line of Service
Advisory
Industry/Sector
Not Applicable
Specialism
Cybersecurity & Privacy
Management Level
Senior Associate
Job Description & Summary
Your team:
As a Senior Associate in our Cybersecurity and Privacy team, you will play a key role in delivering and growing our supply chain cyber risk capability across all sectors of clients. You will help our clients strengthen their third-party cyber risk management programmes, comply with evolving regulatory expectations such as DORA, NIS2, and respond to emerging threats across complex, global supply chains.
This is a growth-focused role, supporting engagements across multiple financial services and non-financial services clients, many of which are part of multi-year transformation programs. You will work alongside experienced leaders and subject matter experts, with opportunities to shape go-to-market offerings, drive delivery excellence, and coach junior team members.
This role is ideal for someone looking to sit at the intersection of cybersecurity and supply chain, and be part of a forward-thinking team building the next generation of cyber risk services.
Your impact:
As part of the Cybersecurity and Privacy team of PwC Switzerland, you will work on:
- delivering client engagements focused on supply chain cyber security, third‑party risk, and compliance with DORA, NIS2, and related regulations across industries;
- designing and implementing supplier segmentation, cyber risk assessments, control testing, continuous monitoring, and incident response processes as part of broader Supplier Risk and IT‑GRC transformations;
- collaborating with clients to define and operationalise future‑state Third‑Party Risk Management (TPRM) operating models, including roles and responsibilities, escalation paths, and response plans;
- building AI‑augmented TPRM capabilities and workflows leveraging platforms such as ServiceNow, ProcessUnity, BitSight, RiskRecon, and SecurityScorecard, including tooling configuration and integrations;
- developing pragmatic recommendations and roadmaps to improve cyber risk governance, continuous monitoring, and incident/issue management across the third‑party lifecycle;
- leading and contributing to workshops, reporting, and executive‑ready presentations for CISO, CIO, Risk, Compliance, and Procurement stakeholders;
- supporting internal capability building, contributing to thought leadership, market propositions, proposal responses, and account expansion initiatives; and
- coaching and mentoring junior team members while fostering a high‑performance, inclusive team culture.
Your skillset:
We are looking for a Senior Associate who embodies our core values and brings a strong background in cyber security:
- You have at minimum 5 years of relevant experience in cybersecurity, third-party risk, or supply chain risk management.
- You have a master's or bachelor's degree or an equivalent professional qualification in business administration or computer science. Additional certificates such as CISM, CRISC, ISO 27001 Lead Implementer, CISSP are a plus.
- Proven experience working with financial services clients, ideally within regulatory-driven engagements (e.g., DORA, NIS2).
- Strong understanding of supply chain cybersecurity frameworks, supplier risk segmentation, control testing, and cyber risk quantification.
- Familiarity with supply chain risk platforms such as ProcessUnity, ServiceNow, BitSight, RiskRecon, or equivalent.
- Excellent communication, stakeholder engagement, and client-facing skills.
- You have strong verbal and written communication skills to interact effectively with all levels of management and staff.
- You are fluent in English and (ideally) also in German and/or French.
- You have a high degree of initiative, self-organisation and sense of responsibility.
Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required:Degrees/Field of Study preferred:
Certifications (if blank, certifications not specified)
Required Skills
Optional Skills
Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture {+ 8 more}
Desired Languages (If blank, desired languages not specified)
Travel Requirements
Available for Work Visa Sponsorship?
Government Clearance Required?
Job Posting End Date