Information Security
Activity description:
-Knowledge of the risk assessment and treatment process organized according to the ISO/IEC 27001, NIST Cybersecurity Framework and Cloud Architecture Framework
-Participate in review and analysis of security and Business products/services and make recommendations based on risk assessment, security standard and best practices.
-Provide advice, challenge, and help improve IT Risk and Information Security frameworks in line with Swiss and international regulatory requirements.
-Actively participate in monitoring to identify trends and new developments in information security and threats.
- Consult with IT teams to determine cloud security requirements and plan and deliver cloud-based business solutions.
-Monitor compliance and adherence to set requirements and the life cycle of cloud security assets.
-Carry out controls, recommend improvement measures and follow their implementation.
-Ensure Information Security operation tasks, including incident management.
-Cloud Security-related certifications (CCSP, CCSK, Certified Cloud Professional/Architect.
Specific requirements:
-Solid understanding of information risk assessment procedures as well as widely used frameworks like ISO/IEC 27001, NIST Cybersecurity Framework and Cloud Architecture Framework.
-Experience in the field of information security and technology.
-Excellent problem-solving and analytical skills.
-Ability to educate a non-technical audience about various security and data protection measures.
-Effective verbal and written communication skills (Italian and English).
Languages:
-Italian
-English
-German (nice to have)
Experience
-Proven experience in similar positions (> 3 years).
-Cloud experience (GCP and Azure).
-General knowledge of the banking industry and its regulations.
