Beschreibung

You will safeguard the digital landscape by managing the ISMS and technical security controls. From leading risk assessments to coordinating with external partners, you'll ensure a robust defense.

Anforderungen

• •5+ years in information security
• •Experience running an ISMS
• •Incident response and BCP/DR familiarity
• •Exposure to regulated environments
• •Strong written and spoken English
• •Hands on Microsoft 365/Azure security
• •Relevant security certifications
• •Experience with DORA and FINMA
• •Exposure to SOC 2 or NIST
• •Practical knowledge of GDPR
• •Scripting and automation skills
• •Familiarity with Snowflake data controls

Aufgaben

• •Maintain the ISMS, risk register, controls, and policies
• •Lead risk assessments and control testing
• •Manage corrective actions and reviews
• •Coordinate with outsourced SOC and CISO providers
• •Monitor security and manage incident responses
• •Run tabletop exercises and post-incident reviews
• •Maintain the incident response plan
• •Operate security across Defender, Entra ID, and Intune
• •Improve Purview, Sentinel, and M365 security
• •Manage conditional access, MFA, and PIM
• •Establish endpoint baselines and secure configurations
• •Run risk-based vulnerability and patch programs
• •Track remediation efforts with service providers
• •Lead vendor due diligence and ongoing monitoring
• •Manage DPAs aligned to outsourcing procedures
• •Implement data classification, retention, and DLP
• •Support privacy-by-design and coordinate with the DPO
• •Support audits and regulatory reviews
• •Deliver security awareness training and simulations
• •Maintain evidence, procedures, and runbooks
• •Produce monthly security dashboards

Tools & Technologien

Benefits