Information Security Risk Manager

Set up as a new job alert
  1. Permanent
  2. English, German
  3. Mid-Senior level
  4. Digital & Technology
  5. Zurich
  6. Healthcare & Life Sciences
  7. NIST, ISO, Risk, Information Security
This vacancy has now expired
You will be joining a recently created information security and risk management team accountable for the design and implementation of the company’s security strategy and program globally. Because the client is a privately owned business, they have a long-term vision and strategy. This enables them to have a security program which is stable and truly focused on delivering business value for security.

About our client

Our client is one of the leading health and life science companies in Switzerland. This is a permanent role ideally starting as soon as possible based in Kanton Zurich.

Your role

- Analyse impact of new technologies, information security laws and regulations.
- Assess information security controls and risks and drive risk remediation with risk owners.
- Maintain the information security risk and issues registers and run information risk committees.
- Define risks and vulnerability mitigation strategies and work with teams to remediate.
- Coordinate penetration testing, vulnerability scanning and risk reporting for our projects.
- Perform audits and assessments of service providers, documents and tracks risks to closure.
- Drive inventorisation and performs security categorization of systems with owners.
- Further develop and implements the Information Security Framework (ISF).
- Give guidance and takes accountability for business daily compliance to the ISF as well as in business and IT projects and drives continuous improvement based on customer’s feedback.
- Design and delivers the security education training awareness program (SETA).
- Participate in design and performs internal audits of business compliance to the ISF.
- Support IT and business stakeholders in internal or external audits.
- Respond to information security incidents and timely reports to relevant stakeholders.

Your background

- University Degree in Information Security, IT or equivalent, Master's degree in information security related domains is strongly desirable.
- Desirable: Professional information security certification or associate level membership such as CISSP, CISM or ISO 27001 auditor / practitioner.
- Desirable: Professional information system, risk or audit certifications such as CIA/CISA/CRISC.
- 5+ years of professional work experience, preferably in information technology, information or data management or in other technology related roles.
- 3+ years’ experience with Information Security Risk Management.
- You are confident and able to communicate why security is a business enabler.
- You have working knowledge of information security standards such as NIST and ISO 27001.
- You are able to drive business awareness and comfortably explain the connection between data protection regulations such as the General Data Protection Regulation and information security and risk management.
- Beneficial: You have knowledge of GXP, CSV and pharmaceutical industry related regulations.
- You have strong verbal and written communication skills in English and German.
- You are resilient, self-reliant/self-motivated, proactive with high degree of accountability and you have excellent operating skills in a dynamic team environment.
- You are a strong communicator: presentation and training, relationship management, consultation, negotiation.
- You have a high level of personal integrity, ability to professionally handle confidential matters and convince by appropriate level of judgment and maturity.
- You have the ability to work in a matrix and geographically dispersed organization.
- If needed, you could travel around 30% of your working time (worldwide).

What’s on offer

- Work for an established Swiss company
- International, multi-cultural working environment
- Canteen and parking spaces on site
- Friendly colleagues

If you are a highly motivated, ambitious person, please apply via the portal or the swisslinx website. For further information, do not hesitate to contact Katia Kosa via the swisslinx website or +41 (0)58 268 10 40.

How to get your first executive job


COVID-19 - Swisslinx is fully operational at this time!