Information Security Analyst
As one of the premier suppliers to our international banking client in Basel, Swisslinx are looking for an Information Security Analyst with mid-level experience and good knowhow if security risk and controls as well as strong IT understanding to work in a small and highly experienced Governance and Assurance Team on a contract basis starting ASAP.
This is a rolling contract running with option to extend up to five years.
Working in a small and very international Governance and Assurance Team you will support change approval, design reviews and risk assessments, contribute to the operations of information security processes, technology, and capabilities as well as ensure security by design by providing security recommendations in alignment with standards.
Generally speaking you will provide expert advice and operational experience on information security risk and control matters throughout the organisation. This includes:
• Assist with the coordination of the operations of vulnerability testing, including follow-up.
• Assist with application security program and support software developers in embedding security into the development lifecycle. Support the maturing of the penetration testing strategy and support in scoping and engagement with third parties
• Review and advise on the security measures to protect the confidentiality, integrity and availability of the Bank's information assets and critical services. Contribute to reviews of the assessment methodology
• Contribute to the implementation of industry-recognised key critical controls and contribute to Corporate Security compliance mandate
• Support the team on technical security projects to develop and enhance the BIS security policies and procedures. Participate in the gathering and analysis of information from security-related sources
• Support the team with the change management review and approval process
In order to be considered for this role, you will possess the following skills and experience:
• Strong understanding of IT infrastructure and application architecture, including cloud technologies (Microsoft Azure)
• Familiar with industry-recognised key critical controls (e.g. CIS, OWASP, SANS, etc…)
• Demonstrated security skills in the area of application security, penetration testing and cloud technology
• Strong analytical and documentation skills
• Good understanding of mobile related technologies, virtualisation, containers, as well as cloud security
• Experience with documenting and communicating results that may be consumed by both developers and management-level audiences
• Strong analytical capabilities and data-analysis skills
• Team player but technically autonomous
• Certification in security-related disciplines and technologies would be an advantage (accreditation such as CISSP or CISA).
• Fluency in English
Experience with the following technologies would be nice to have:
• Next Generation Firewalls
• Automation: Python/Powershell
• TFS, SharePoint, DevOps
• Exploit frameworks
• Vulnerability scanners
• Azure Security Centre
Please note due to COVID interviews would be conducted remotely, however the role is based 100% in Switzerland. The team is currently split between WFH and office right now. Post COVID occasional home office will be permitted.
Are you interested to work in an international environment in one of the leading companies in Switzerland? Then apply now! We look forward to receiving your full application.
By applying for this position, I consent to the Swisslinx Group of companies:
- storing my personal information (including name, contact details, Identification and CV information etc.) on their internal or external servers for the purpose of informing me of potential employment opportunities
- using my personal information or
- supplying it to third parties upon express consent for the purpose of informing me of potential job opportunities
- transferring where applicable my personal information to a country outside the EEA/EFTA