Global Information Security Lead 100% (f/m/d)
- Employment type
- Full-time
- Location
- Rüti
- Company
- Work4you AG, Krummgasse 13, 8200 Schaffhausen
- Languages
- German (fluent), English (fluent)
- First posted
Our client is an internationally active, growth-oriented technology company with innovative, data-based products. Information security forms a central foundation for the trust of the global customer base and the reliable protection of business-critical data. You can expect a modern environment in which pragmatic solutions, personal responsibility, and continuous development are the focus.
What the company offers
• Competitive compensation package
• Responsible key position with a direct reporting line to the CIO
• High degree of creative freedom in the further development of global information security
• International and technologically demanding working environment
• Opportunities for professional and personal development
• Support for continuous further education in the field of Cybersecurity
• Regular team events and company activities
• Free parking
• Modern, innovative, and appreciative corporate culture
• Long-term permanent employment in a growing company
Our client wishes
• At least three to five years of professional experience in information security with practical technical activity
• Sound experience in monitoring, evaluating, and fully processing security incidents
• Good knowledge in the field of Cloud Security on at least one leading platform such as AWS, Azure, or GCP
• Experience with ISO 27001 or SOC 2
• Knowledge in Vulnerability Management as well as in handling security monitoring tools
• Independent and solution-oriented way of working with a strong sense of responsibility
• Ability to independently plan, drive, and successfully implement initiatives
• Clear and audience-appropriate communication with IT, Engineering, specialist departments, and customers
• Willingness to visit other company locations once or twice per year
• Certifications such as CISSP, CISM, or Cloud Security specializations are an advantage
• Experience with site- or region-spanning security structures is an advantage
• Background in a SaaS, Deeptech, or product-oriented technology company is an advantage
• Knowledge in DevSecOps or Infrastructure as Code is an advantage
• Very good English skills in speaking and writing
What awaits you
• Overall responsibility for strategy, operations, and compliance in the field of information security
• Monitoring and evaluation of security alerts as well as coordination of Incident Response
• Responsibility for the full processing and sustainable resolution of security incidents
• Management of vulnerability scans and remediation of identified risks on end devices, servers, networks, and applications
• Monitoring and further development of the Cloud Security architecture in AWS, Azure, and regional platforms
• Responsibility for the deployed security solutions such as SIEM, EDR, E-Mail Security, Vulnerability Scanner, and WAF
• Further development of Identity and Access Management
• Optimization of SSO, MFA, privileged access, and periodic authorization reviews
• Ensuring professional processes for entries, changes in function, and exits
• Conducting security and architecture audits for new systems and infrastructure changes
• Maintenance and further development of the ISO-27001 certification
• Coordination of external audits and penetration tests
• Development and updating of security policies, standards, and operational playbooks
• Identification, documentation, and tracking of security risks
• Conducting security awareness training to strengthen the security culture
• Processing of security questionnaires and customer assessments
• Support of the Sales team in security-relevant tenders and customer discussions
• Understandable communication of security updates, policy changes, and required measures to all locations
Automatically translated from the original.
Posted 2 days ago