Senior Security Officer / Division Security Partner

Corporate Security, with its company-wide sphere of activity, is responsible for ensuring compliance with information security requirements from the perspective of the 2nd line of defense (LOD2), by assessing and enforcing compliance with the SIX policies, Swiss regulations and EU GDPR. The Division Security Partner team is part of Corporate Security and acts as the central contact for the divisions, connecting IT and the divisions and exchanging information security related matters in both directions. Furthermore, Division Security Partners support the divisions in projects, identify and assess information security related risks, and suggest adequate countermeasures to keep the right balance and ultimately ensure efficient and stable operations.

Main duties:
  • Be responsible for ensuring the correct functional and technical implementation of information security and security requirements, methods and processes, as well as for the management of information security risks for the division Securities Services and Swiss Exchange
  • Control and enforce checks on implementation and compliance with security regulations, measures and processes
  • Perform functional and technical security, IT risk and IT compliance reviews and approve IT risk assessments, security concept plans and solutions that address exclusively division and country/location specific issues
  • Analyze designs of application/infrastructure components in order to identify and manage IT risks within the division. Perform assessments considering the business impact, criticality of components, and associated threats and vulnerabilities in order to recommend controls to mitigate risks to an acceptable level
  • Review and approve security documentation, regulations and arrangements for exceptions that have exclusively division and country/location specific consequences
  • Initiate and track tasks/mitigating measures arising within the division and its locations that are needed to ensure IT compliance
  • Maintain good contacts with or proactively participate in institutions, associations and interest groups on issues of corporate and divisional security in coordination and agreement with the CSO
  • Initiate and drive SIX security topics within the division to guide its business in implementing the SIX security strategy
  • Accompany critical projects, conduct IT risk and IT compliance assessments or support project managers to identify IT risks, analyze their impact and probability, and determine mitigation measures
  • Support the division and its locations during internal and external audits
Your profile:
  • University degree (or FH) in IT or economics & IT plus further education in the security domains (e.g. CISSP, CISA, CISM, CRISC, MAS IT Security)
  • Several years of working experience in consulting in information security and information risk management and working in IT security projects
  • Profound skills in information security topics in the domains of governance, architecture, processes and technology, including questions around IT compliance
  • Skills in information security standards (ISF, ISO, NIST) would be preferred
  • Analytical and conceptual thinking at a strategic level
  • Very good communication and presentation skills in contact with stakeholders and senior management
  • Very good German and English skills (speaking and writing)
We are looking forward to receiving your complete application electronically.

SIX Management AG, Judith Gubser
T 058 399 24 79
Reference code 4073

We only accept online direct applications.
  • Corporate functions
  • Shared Services
  • Zurich
  • Expert Position without management responsibility
  • Full-time