About our client
Our client is one of the leading health and life science companies in Switzerland. This is a permanent role based in Kanton Zurich, ideally starting as soon as possible.
- Analyse impact of new technologies, information security laws and regulations.
- Assess information security controls and risks and drive risk remediation with risk owners.
- Maintain the information security risk and issues registers and run information risk committees.
- Define risks and vulnerability mitigation strategies and work with teams to remediate.
- Coordinate penetration testing, vulnerability scanning and risk reporting for our projects.
- Perform audits and assessments of service providers, document and track risks to closure.
- Drive inventorisation and perform security categorization of systems with owners.
- Further develop and implement the Information Security Framework (ISF).
- Give guidance and take accountability for daily business compliance with the ISF, as well as in business and IT projects, and drive continuous improvement based on customer feedback.
- Design and deliver the security education training awareness program (SETA).
- Participate in the design and perform internal audits of business compliance with the ISF.
- Support IT and business stakeholders in internal or external audits.
- Respond to information security incidents and report in a timely manner to relevant stakeholders.
- University degree in Information Security, IT or equivalent; a Master's degree in information security related domains is strongly desirable.
- Desirable: Professional information security certification or associate level membership such as CISSP, CISM or ISO 27001 auditor / practitioner.
- Desirable: Professional information system, risk or audit certifications such as CIA/CISA/CRISC.
- 5+ years of professional work experience, preferably in information technology, information or data management or in other technology related roles.
- 3+ years’ experience with Information Security Risk Management.
- You are confident and able to communicate why security is a business enabler.
- You have working knowledge of information security standards such as NIST and ISO 27001.
- You are able to drive business awareness and comfortably explain the connection between data protection regulations such as the General Data Protection Regulation and information security and risk management.
- Beneficial: You have knowledge of GXP, CSV and pharmaceutical industry related regulations.
- You have strong verbal and written communication skills in English and German.
- You are resilient, self-reliant/self-motivated and proactive, with a high degree of accountability, and you have excellent operating skills in a dynamic team environment.
- You are a strong communicator: presentation and training, relationship management, consultation, negotiation.
- You have a high level of personal integrity and the ability to handle confidential matters professionally, and you convince through an appropriate level of judgment and maturity.
- You have the ability to work in a matrix and geographically dispersed organization.
- If needed, you could travel around 30% of your working time (worldwide).
What’s on offer
- Work for an established Swiss company
- International, multi-cultural working environment
- Canteen and parking spaces on site
- Friendly colleagues
If you are a highly motivated, ambitious person, please apply via the portal or the swisslinx website. For further information, do not hesitate to contact Katia Kosa via the swisslinx website or +41 (0)58 268 10 40.