Information Security Risk Manager

in Zurich, Zurich, Switzerland
Permanent, Full time
Information Security Risk Manager
You will be joining a recently created information security and risk management team accountable for the design and implementation of the company's security strategy and program globally. Because the client is a privately owned business, they have a long-term vision and strategy. This enables them to have a security program which is stable and truly focused on delivering business value for security.

About our client

Our client is one of the leading health and life science companies in Switzerland. This is a permanent role, ideally starting as soon as possible, based in Kanton Zurich.

Your role

- Analyse impact of new technologies, information security laws and regulations.
- Assess information security controls and risks and drive risk remediation with risk owners.
- Maintain the information security risk and issues registers and run information risk committees.
- Define risks and vulnerability mitigation strategies and work with teams to remediate.
- Coordinate penetration testing, vulnerability scanning and risk reporting for our projects.
- Perform audits and assessments of service providers; document and track risks to closure.
- Drive inventorisation and perform security categorization of systems with owners.
- Further develop and implement the Information Security Framework (ISF).
- Give guidance and take accountability for daily business compliance with the ISF, as well as in business and IT projects, and drive continuous improvement based on customer feedback.
- Design and deliver the security education, training and awareness program (SETA).
- Participate in the design of, and perform, internal audits of business compliance with the ISF.
- Support IT and business stakeholders in internal or external audits.
- Respond to information security incidents and report in a timely manner to relevant stakeholders.

Your background

- University degree in Information Security, IT or equivalent; a Master's degree in information security related domains is strongly desirable.
- Desirable: Professional information security certification or associate level membership such as CISSP, CISM or ISO 27001 auditor / practitioner.
- Desirable: Professional information system, risk or audit certifications such as CIA/CISA/CRISC.
- 5+ years of professional work experience, preferably in information technology, information or data management or in other technology related roles.
- 3+ years' experience with Information Security Risk Management.
- You are confident and able to communicate why security is a business enabler.
- You have working knowledge of information security standards such as NIST and ISO 27001.
- You are able to drive business awareness and comfortably explain the connection between data protection regulations such as the General Data Protection Regulation and information security and risk management.
- Beneficial: You have knowledge of GxP, CSV and pharmaceutical industry related regulations.
- You have strong verbal and written communication skills in English and German.
- You are resilient, self-reliant, self-motivated and proactive, with a high degree of accountability, and you have excellent operating skills in a dynamic team environment.
- You are a strong communicator: presentation and training, relationship management, consultation, negotiation.
- You have a high level of personal integrity, the ability to handle confidential matters professionally, and you convince through an appropriate level of judgment and maturity.
- You have the ability to work in a matrix and geographically dispersed organization.
- If needed, you could travel around 30% of your working time (worldwide).

What's on offer

- Work for an established Swiss company
- International, multi-cultural working environment
- Canteen and parking spaces on site
- Friendly colleagues

If you are a highly motivated, ambitious person, please apply via the portal or the Swisslinx website. For further information, do not hesitate to contact Katia Kosa via the Swisslinx website or +41 (0)58 268 10 40.
By applying for this position, I consent to the Swisslinx Group of companies:
- storing my personal information (including name, contact details, identification and CV information etc.) on their internal or external servers for the purpose of informing me of potential employment opportunities
- using my personal information or supplying it to third parties upon express consent for the purpose of informing me of potential job opportunities
- transferring where applicable my personal information to a country outside the EEA/EFTA

I also hereby agree to the Swisslinx privacy policy and Terms of Use.