Information Security Officer (80 – 100%)

About the job

Information Security Officer (80 – 100%)

Shape the future of healthcare with us.

At CISTEC, we develop and operate KISIM, one of the leading clinical information systems in Switzerland. Our product supports medical professionals, nursing staff, and specialists in everyday clinical practice – from regional hospitals to university hospitals, from psychiatry to rehabilitation. What drives us is the conviction that good software relieves people and improves patient care.

Grow with us.

Since our beginnings with two employees, we have developed into a market-leading IT company with over 250 dedicated professionals – and we continue to grow. With us, competence, team spirit, and passion come together. If you want to be part of a success story that shapes the Swiss healthcare system daily, then you are exactly right with us.

Innovative together. For more time with people.

As an ISO, you are responsible for the technical implementation of information security, integrating security into operations and projects, pragmatically managing risks, and ensuring effective, actionable protective measures in everyday CISTEC life. You operate at the interface of governance, technology, and management. You are the central contact person for information and cybersecurity topics.

Your tasks

• Operation, maintenance, and further development of the ISMS (e.g., according to ISO/IEC 27001).
• Technical translation of security strategy into effective controls and standards.
• Conducting risk, threat, and vulnerability analyses.
• Definition, implementation, and tracking of technical security measures for risk treatment.
• Close collaboration with IT operations, architecture, cloud, and DevOps.
• Consulting projects on security-by-design and secure architecture.
• Support in security incidents including root cause analysis and lessons learned.
• Preparation of technical aspects of audits and compliance evidence.
• Monitoring of security KPIs and reporting to the CISO / management.
• Technical contact person for information security within the company.

Your profile

• Completed studies in computer science, IT security, business informatics, or a comparable qualification (CISA, CISM, etc.).
• Several years of professional experience in information security or IT security.
• Certifications in information security (e.g., CISSP, CISM, ISO/IEC 27001 Lead Implementer or Lead Auditor, CCSP, CRISC) are advantageous.
• Solid knowledge of relevant standards and frameworks (e.g., ISO/IEC 27001, ISO 27002, NIST CSF).
• Basic technical understanding of IT infrastructures, cloud environments, and applications.
• Experience with security controls, hardening, and secure configuration.
• Experience dealing with audits, compliance, and risk management processes.
• Structured, independent, and solution-oriented working style.
• Strong communication skills and assertiveness in dealing with different stakeholders.
• Very high self-motivation, energy, and resilience.
• Fluent in German & English, spoken and written.

We offer you

Meaningful work with impact: You work on exciting projects at the interface of AI and healthcare – in an interdisciplinary team that creates real added value.

Innovative environment: Together we develop pioneering solutions that sustainably improve clinical everyday life – with tangible impact for health professionals.

Flexible work: Part-time work, flexible working hours, and home office are a matter of course. After the probation period, you can work remotely up to four days a week.

Learning and innovation culture: We actively promote your further education and support you in attending professional conferences and trade fairs. Flat hierarchies and an open, agile team environment create space for personal and professional development.

Attractive benefits: Enjoy 5 weeks of vacation per year. Unpaid leave is possible by arrangement.

Shared experiences: We celebrate successes together – at lunch barbecues, on snow days, or at our team and company events.

Application

Please send your complete application documents by e-mail to: moc.cetsic@gnubreweb

Note for recruiters and headhunters:

Please do not send us applications from headhunters or recruitment agencies. Thank you for your understanding.

Diversity and inclusion:

CISTEC stands for equal opportunities and diversity. We welcome applications from all people regardless of personal characteristics or backgrounds.