Beschreibung
We have a current opportunity for a Security Specialist on a contract basis. The position will be based in Basel, Switzerland.Start: May
Duration: 12 months
Workload: 100%
Hybrid working
We are looking for a professional Security Specialist to join our Corporate Security team to support in our strategic and governance security environment. This would be an operational role running on going corporate security work-packages, also supporting various deliverables for projects. The team is made up of around 6 other members and they focus on review, create and update Security Policies and Standards following industry best practices.
Perfect candidate:
Security Specialist with an ability to understand security policies and compliance requirements (could come also from a technical audit background). The candidate should be willing to work on security policies and standards in addition to conducting compliance reviews with very good technical understanding and ownership mindset. Also very dynamic, results oriented and comfortable with reporting.
General Information:
Tasks & Responsibilities:
Provide expert advice and operational experience on information security risk and control matters throughout the organisation. This includes:
* Review of existing security standards/baselines and creation of new ones
* Conduct compliance reviews/audits of the organization's information assets.
* Support the maturing of the penetration testing strategy and support in scoping and engagement with third parties
* Review and advise on the security measures to protect the confidentiality, integrity and availability of the Bank's information assets and critical services.
* Perform risk assessments and contribute to reviews of the assessment methodology
* Contribute to the implementation of industry-recognised key critical controls and contribute to Corporate Security compliance mandate
* Support the team on technical security projects, in particular to develop and enhance the security policies and procedures. Participate in the gathering and analysis of information from security-related sources
Ideal skills / Experience:
* Familiarity with industry-recognized frameworks and controls (e.g., NIST CSF, CIS, OWASP, SANS, etc…). We are looking for experience in implementing these frameworks.
* Certification in security-related disciplines and technologies would be an advantage (accreditation such as CISSP, CRISC, CISA, OSCP, PCI DSS)
* Experience with documenting and communicating results that may be consumed by both developers and management-level audiences.
* Experience with Big 4 consulting firm (i.e KPMG, Deloitte, PWC, Accenture) would be a big plus
* Security knowledge in operating system, application security, penetration testing and cloud technology and sound knowledge of cyber governance risk management practices
Experience with some of the following:
*Security Policy and Standard creation
*Risk management processes
Interpersonal skills:
* Self-confident with good collaboration skills
* Able to learn things quickly
* Team player and technically autonomous
Nice to Have:
* TFS, SharePoint, DevOps
* Azure Security Centre
* Compliance monitoring tools
* KRI/KPI development and monitoring
* Nexpose
if you are interested in hearing more, please apply with you most up to date CV
Michael Bailey International is acting as an Employment Business in relation to this vacancy.