Beschreibung
Security Manager
Main Responsibilities:
Extend existing ISO27001 processes to insourced team the ISMS based on ISO 27001, ISO 27002 and ISO 27011
Ensure compliance to all applicable laws, regulations, contractual obligations, internal and external standards
Work out and implement security solutions together with the specialists and implement these to enable near shoring
Advice management and specialists in all aspects of Information Security and Data Protection
Provide Project Consulting in all aspects of Information Security and Data Protection
Work with client's technical and business resources to understand their security needs and formulate appropriate security solutions
Analyse in- and external audit needs and put in place necessary support infrastructure
Act as a contact person for internal and external audits
Analyse BCM and DR needs and establish necessary support infrastructure
Setup monthly KPI and Security Incident Reporting for the Sunrise Managed Services Organisation
Drive automation of detection and response technologies in order to improve the overall efficiency of the team/function
Provide input to partner organizations in security engineering and security operations to influence security product strategy and future roadmap
Key Tasks:
Implement Security Incident management process for transferred IT team
Implement technical security solutions to enable near shoring
Ensure full compliance to customers' security policies
Analyse customers' security audit responsibilities and set up supporting infrastructure
Establish necessary BCP and DR processes
Requirements:
Experience in ICT industry, understanding of Telecom industry
In-depth knowledge of the most common security standards such as ISO , PCI DSS, etc.
Experience in Risk Management, BCM, DR
Profound general knowledge in Operating Systems, Networks, Databases, Applications, etc.
In-depth knowledge in the most important technical security measures like, IAM, SIEM, Vulnerability Mgmt, DLP, Encryption/PKI, Network Security
A holistic understanding of attack vectors, current threats, and mitigation and remediation strategies
A firm grasp of the capabilities and limitations of information security technologies
A keen understanding of how response capabilities are highly critical for managing enterprise risk
Experience with computer forensics practices and procedures, investigations, and evidence handling is preferred
Ability to communicate technical security objectives orally and in writing to a variety of audiences
Ability to design, evaluate and document process improvements when conducting lessons learned exercises
Effectively perform work at varying levels to include executive/strategic and detailed/analytical
Proven experience in developing comprehensive security architectures, solutions and concepts in a complex environment
Knowledge of Swiss Data Protection Act as well as Telecommunication Laws and Regulations is a plus
Solid experience in Project Management
Result oriented, high energy, self-motivated, open minded, flexible
Work well in fast paced complex projects and multicultural environment
Proficient in English, other language is desirable (German, French, Italian)
Skills
Education: Bachelor's degree in Computer Science or related field, degree(s) in CAS/MAS Information Security, CISA, CISM, CISSP or equivalent
Experience: at least 3 to 5 years experience in Information Security role
Language: Fluent English, German is considered a plus
Other: Experience with Operators' O&M Department, Managed Services Organizations or Security Organizations is a plus
Please send your CVs to
(see below)