Senior Associate - Supply Chain Cyber Security Specialist (Cyber Risk Advisory) — PwC Switzerland
CHF 100'500 - 136'500
PwC Switzerland · Zürich (ZH)
- Location: Zürich
- Contract: other
- Posted: 261 days ago
Role overview
As a Senior Associate in our Cybersecurity and Privacy team, you will play a key role in delivering and growing our supply chain cyber risk capability for clients across all sectors.
You will help our clients strengthen their third-party cyber risk management programs, comply with evolving regulatory expectations such as DORA and NIS2, and respond to emerging threats across complex, global supply chains.
This is a growth-focused role, supporting engagements across multiple financial services and non-financial services clients, many of which are part of multi-year transformation programs.
Main responsibilities
As part of the Cybersecurity and Privacy team of PwC Switzerland, you will work on:
- delivering client engagements focused on supply chain cyber security, third party risk, and compliance with DORA, NIS2, and related regulations across industries
- designing and implementing supplier segmentation, cyber risk assessments, control testing, continuous monitoring, and incident response processes as part of broader Supplier Risk and IT GRC transformations
- collaborating with clients to define and operationalize future state Third Party Risk Management (TPRM) operating models, including roles and responsibilities, escalation paths, and response plans
- building AI augmented TPRM capabilities and workflows leveraging platforms such as ServiceNow, ProcessUnity, BitSight, RiskRecon, and SecurityScorecard, including tooling configuration and integrations
- developing pragmatic recommendations and roadmaps to improve cyber risk governance, continuous monitoring, and incident/issue management across the third party lifecycle
- leading and contributing to workshops, reporting, and executive ready presentations for CISO, CIO, Risk, Compliance, and Procurement stakeholders
- supporting internal capability building, contributing to thought leadership, market propositions, proposal responses, and account expansion initiatives
- coaching and mentoring junior team members while fostering a high performance, inclusive team culture
We are looking for a Senior Associate who embodies our core values and brings a strong background in cyber security:
- You have at minimum 5 years of relevant experience in cybersecurity, third-party risk, or supply chain risk management.
- You have a master's or bachelor's degree or an equivalent professional qualification in business administration or computer science.