7 Jobs für Identity Governance in Schweiz

• Develop, implement, and maintain cybersecurity policies, standards, and procedures
• Conduct risk assessments, threat modeling, and vulnerability assessments, including technical security audits and penetration testing
• Prepare and support internal/external audits and certifications (e.g., TISAX, IATF 16949, ISO/IEC 27001, ISO 31000)
• Monitor and investigate security alerts, respond to incidents, and manage follow-up actions
• Lead improvements in detection and response workflows with SOC and IT stakeholders
• Organize, manage, and evaluate external penetration testing and vulnerability scans
• Operate and improve security infrastructure such as SIEM, EDR, IDS/IPS, firewalls, etc.
• Supervise vulnerability remediation, patch cycles, and endpoint protection strategies
• Plan and deliver cybersecurity awareness campaigns, simulations, and targeted training

• Degree in information security, computer science, or a related technical discipline
• Further training or certifications in cybersecurity or ethical hacking preferred
• Professional credentials such as ISO/IEC 27001, CISSP, or TISAX auditor are an asset
• Minimum of 3 years' experience in a similar role, ideally in an international company
• At least 5 years of technical experience implementing security concepts and controls
• Familiarity with SOC/CSIRT operations and experience handling major security incidents
• Proficient with Microsoft 365 administration, network security, and layered IT architectures
• Strong knowledge of security management tools for vulnerabilities, assets, and services
• Fluent in English (spoken and written); German or additional languages are a plus
• Willingness to travel internationally on occasion

• A challenging environment in a global industry-leading company
• Possibility of some remote work, while regular on-site presence is encouraged
• Attractive employment conditions, professional development, and career growth opportunities
• A collaborative and forward-thinking team culture

• Analyze and assess the security posture of OT systems and industrial networks (SCADA, PLCs, DCS)
• Drive implementation of scalable and resilient OT security architectures aligned with policies
• Develop, implement, and maintain OT-specific security policies and standards
• Conduct threat analyses, risk and vulnerability assessments, and penetration testing
• Collaborate with OT operations, engineering teams, and vendors to promote security culture
• Design and deliver OT security awareness programs and practical training sessions
• Support TISAX assessments and IATF 16949 security compliance requirements
• Assist with audits, regulatory compliance, and implementation of industry standards (IEC 62443, ISO 27001)
• Lead or participate in projects to improve OT security maturity and resilience

• Higher education in information security, industrial automation, or manufacturing engineering
• Certifications or training in OT security or IACS topics are preferred
• 3+ years of cybersecurity experience with focus on industrial manufacturing/OT environments
• Proven experience with OT security architectures, network security, and segmentation
• Solid knowledge of industrial protocols (e.g., OPC UA, Modbus, Profibus, PROFINET, DNP3)
• Familiarity with standards such as IEC 62443, ISO/IEC 27000 series, and IATF 16949
• Experience with SCADA/ICS/PLC systems and industrial firewalls is an advantage
• Ability to conduct vulnerability scans, risk assessments, and penetration testing in OT
• Willingness to travel approximately 10-20%

• A challenging environment in a global industry-leading company
• Possibility of some remote work, while regular on-site presence is encouraged
• Attractive employment conditions, professional development, and career growth opportunities
• A collaborative and forward-thinking team culture

Standort: Zürich, Schweiz

Bist du bereit, deine Fähigkeiten im Bereich IT-Sicherheit auf die nächste Stufe zu heben? Bei der CONVOTIS Swiss Cloud AG suchen wir einen engagierten und erfahrenen Security Officer. Als führender Schweizer Anbieter von sicheren Hosting- und Managed Services für geschäftskritische IT-Anwendungen, bieten wir dir die Möglichkeit, in einem dynamischen und innovativen Umfeld zu arbeiten. Unsere Experten planen und entwickeln spezialisierte Lösungen und betreiben komplexe Systeme in hochsicheren Schweizer Rechenzentren. Du wirst Teil eines Teams, das sich seit über zwei Jahrzehnten für höchste Servicequalität in den Bereichen Finanzen, Wirtschaft, Verwaltung und Wissenschaft einsetzt. Wenn du in einem Unternehmen arbeiten möchtest, das höchsten internationalen Standards für Prozess- und Datensicherheit gerecht wird und dabei Werte wie Vertrauen, Fairness und Innovation lebt, dann bist du bei uns genau richtig!

In der Position als Senior Security Officer bist Du für die Sicherheit komplexer IT-Infrastrukturen und Business-Applikationen verantwortlich.

• Verantwortlich für Sicherheitsstrategie des Unternehmens.

• Unterstützung des CISO bei der Erstellung und Pflege des Regelwerks, der Audits und den Zertifizierungen (Bereitstellung Evidenzen)

• Führt interne Audits zur Überprüfung der Sicherheitsstandards durch.

• Gesamtverantwortung für Vulnerability Management

• Überwachung und Analyse von Sicherheitsvorfällen sowie Entwicklung von Strategien zur Risikominderung. (Security Incident Management)

• Third Party Risk Assessments.

• Entwickelt und dokumentiert Pläne zur Reaktion auf Sicherheitsvorfälle.

• Beantwortet Fragen und bietet Beratung zu Sicherheitsfragen.

• Unterstützung Infrastruktur SIEM/SOC.

• Verantwortlich für die Planung und Durchführung von Schulungen und Awareness-Programmen.

For our client, a company in the pharmaceutical manufacturing industry based in Lugano (Switzerland), we are looking for a Senior Information Security Specialist for a permanent role.

Your responsibilities:

• Execute and coordinate activities identified by the Cyber Security roadmap, such as the delivery of essential security services to the company
• Support in ensuring business continuity and security of systems
• Guide and coordinate with the external and internal personnel during the execution of activities

Tied to the Cyber Security roadmap, you will have a particular focus on the following activities and still collaborate with the rest of the group:

• Security operations management and incident response, including monitoring, identifying and analyzing potential threats to respond to potential incidents on time
• Improving security event generation and tracking, ensuring timely detection capability
• Monitoring and governance of the relationship with vendors of implemented security solutions
• Managing the technical aspects of data classification according to the internal model, ensuring that the solution is active and configured correctly on all data types at the perimeter
• Life cycle management of the company's security devices and software according to SSDLC (Secure System Development Life Cycle) principles
• Managing internal network management issues
• Managing and continuously improving the model for identifying minimum Cyber Security requirements for relevant projects
• Assessment of Cyber Security implications for release activities or changes to existing and new application components
• Proposal and implementation of new cybersecurity tools to improve the resilience of the IT infrastructure
• Support in ongoing training of junior security team, providing guidance and mentoring to improve their technical and governance skills
• Developing and implementing a cyber risk management methodology to verify that all aspects of Cyber Security, group-wide, have been assessed, adhered to, and managed
• Regular execution of security assessments to assess, mitigate and monitor cyber risks, following regulations and corporate standards
• Continuously updating regarding the latest security trends, vulnerabilities and mitigation strategies

Your qualifications:

• Master's degree and/or technical degree in IT disciplines
• At least 7 years of experience in security, systems and networks. Possible experience as a consultant in IT security or related fields will be considered a plus.
• Excellent English speaking, writing and reading skills. The position involves constant contact with Group personnel located in various countries.
• Ability to work effectively both independently and as part of a team, with excellent communication and consulting skills.
• Due to Swiss work permit restrictions, we can only consider applications from Swiss nationals, EU citizens as well as current work-permit holders for Switzerland.

Extensive experience and knowledge, gained in complex hybrid environments, on issues of:

• Hybrid Identity (Active Directory, Azure Active Directory, MFA, Certification Authority)
• Endpoint security (Antivirus, EDR, web protection tools)
• Threat management (spam filters, attack surface management tools, vulnerability assessment, penetration testing, threat intelligence)
• Infrastructure security and management (patch management, hardening, security monitoring activation, routine and non-routine maintenance, policy management, secure publishing)
• Knowledge of cloud environments and architectures preferably Microsoft Azure
• Cloud security (Microsoft Defender suite, CASB, CSPM, Azure security)
• Security and networking in pharmaceutical manufacturing plants and remote locations
• Thorough knowledge of Windows and Linux operating systems
• Knowledge of encryption, authentication and 802.1x solutions
• Knowledge of networking issues (TCP/IP, DNS, Wi-Fi, remote desktop, VNC)
• Knowledge of network protection tools (e.g., NDR, NGFW, IPS/IDS, SWG)
• Knowledge of the principles of Security by Design and Secure System Development Life Cycle (SSDLC)
• Knowledge of more advanced network protection solutions (e.g., ZTNA, SASE) and more canonical ones (e.g., VPN, bastion host)
• Knowledge of major data classification systems) and data loss prevention
• Knowledge of GRC tools and issues related to cyber risk management

Preferred Technical Skills

• Certifications in cyber security (e.g., CISSP, GIAC, etc.).
• Ability to design and implement software solutions suitable for articulated or large IT systems

Your application

Please apply online. For further information about the position, please contact your Gi Group recruiter, Mrs. Anh Nguyen (+41 76 586 02 13).

About Gi Group

Gi Group is part of Gi Group Holding, a global ecosystem of HR services and consulting that supports the development of the labour market and helps to change people's lives in 37 countries around the world.

In Switzerland we operate with the brands Gi Group, Grafton, BauTech, Gi Life Sciences and former Kelly Services. We are active in temporary, permanent and professional staffing as well as in a variety of complementary HR Services. With a direct presence in 35 locations across Switzerland and over 250 employees, we are one of the leading staffing companies in the Swiss recruitment market.

Gi Group is specialist for Temporary and Permanent staffing and your valuable partner for many other HR Solutions. We are changing lives by connecting candidates with companies, and we work every day to create value. Your Job, Our Work.

Branche: Pharma-Industrie

Funktion: Technologie/EDV

Anstellungsart: Festanstellung

For one of our clients in Geneva, a banking company, we are recruiting an Access Management (IAM) Expert who is open-minded and client-oriented, is passionate about his work, who believes in success and has a strong team spirit. Are you looking for you next challenging position? This opportunity is for you

Responsibilities:

As an Access Management (IAM) Expert you are in charge of the strategic analysis, design, implementation and maintenance of IAM systems and processes. You implement a scalable, secure IAM architecture (frameworks and advanced authentication specifications). You also drive the configuration, integration and customization of IAM component (workflow, role models, provisioning connectors). In addition you evaluate and identify new systems and services for integration into IAM Platform. Moreover, you develop, refine and enforce IAM policies and standards. You oversee the implementation of a role-based access control (RBAC) framework.

Profile:

• Bachelor in Computer Science or equivalent
• Master in development or Cybersecurity is a plus
• Minimum 5 years experience in Identify and Access Management
• Good knowledge in security architecture, security engineering and integration, secure application development or identify federation.
• Excellent knowledge of IAM products
• Excellent knowledge of SAML, OAuth, OpenID, LDAP
• Excellent knowledge in PowerShell, Java. C#
• Knowledge in MiM platform.

As a security professional, you will play a key role in the strategic analysis, design, implementation and maintenance of Identity and Access Management (IAM) systems. Your goal is to develop and enforce IAM policies that ensure a scalable, secure IAM architecture.

• Analyze and implement IAM systems
• Design a secure IAM architecture
• Configure and integrate IAM components
• Evaluate new systems for integration into the IAM platform
• Develop and refine IAM policies
• Implement Role-Based Access Control (RBAC)

• Bachelor's degree in Computer Science or equivalent
• Master's degree in development or Cybersecurity
• Minimum 5 years experience in IAM
• Good knowledge of security architecture, security engineering and integration
• Excellent knowledge of IAM products
• Expertise in SAML, OAuth, OpenID, LDAP, Java, C#

We are looking for an experienced security professional who can help us improve our Identity and Access Management (IAM) systems. As a member of our team, you will be responsible for analyzing and implementing IAM systems, designing a secure IAM architecture, configuring and integrating IAM components, evaluating new systems for integration, developing and refining IAM policies, and implementing Role-Based Access Control (RBAC). If you have a passion for security and a strong background in IAM, we encourage you to apply for this exciting opportunity.