Senior Cyber Security Officer (a) 80 - 100%

We are constantly developing new ideas to improve ourselves and our services. Our experts are the driving forces in this process.
Does this environment appeal to you? Then you are the right fit for this exciting position as Senior Information Security Officer. In this senior role, you act as a 1.5 Line of Defence in a professional cyber security and risk challenge function between operational IT and the 2nd Line. You do not take on operational system responsibility but actively control, assess, and demand the implementation of technical and organizational cyber security measures.

• Together with the CISO office, you are responsible for the conceptual further development of the cyber and information security architecture and ensure its regulatory compliance
• You shape the further development of the ISMS and implement regulatory, organizational, and technical security requirements. In doing so, you analyze regulatory and legal developments (e.g., FINMA, ISG, Data Protection Act), translate them into actionable requirements, and accompany their introduction
• You are responsible for technical IT security topics in ongoing operations (Run the Bank), define binding security requirements, and control their implementation in areas such as cloud security, IAM/conditional access, endpoint and device security, etc.
• You define and maintain technical security baselines, hardening requirements, and ensure their compliance in operations. Furthermore, you support the further development of awareness and training measures and ensure their effectiveness from a cyber risk perspective
• You identify, assess, and prioritize cyber and ICT risks and translate technical issues into decision-relevant bases for the CISO, management, and committees. You coordinate internal and external audits as well as penetration tests in the area of cyber & information security and support the implementation of resulting measures

• You have a university or university of applied sciences degree in computer science or a comparable field and bring solid practical experience in IT and cyber security; as well as additional training in information security (e.g., CISSP, CISA, CISM, ISO 27001 Lead Auditor)
• You have several years of professional experience in a technical IT or cyber security role with operational proximity to IT operations - ideally in a regulated financial environment as well as sound knowledge of relevant regulations (FINMA circulars, Data Protection Act) and standards (ISO 27001, NIST or CIS)
• You have broad technical understanding in areas such as cloud security (especially Microsoft Azure/M365), IAM & conditional access, endpoint and network security, as well as application security
• You work in a structured and solution-oriented manner, take on high personal responsibility, and are able to independently prioritize, decide, and implement technical security topics
• You are strong in communication, confident in negotiations, and convince with your appearance

• Support for your individual development needs, both in terms of time and finances
• Flexible working arrangements (part-time, job sharing, home office, annual working hours)
• Between 25 – 30 vacation days per year
• Sustainable compensation: no individual bonuses, but profit sharing for all employees
• How we interact: informal culture - open – personal – team-oriented

Martin Flury
HR Business Partner

For pioneers, bridge builders, and future shapers: The BEKB Group has a lot to offer you as an employer – far more than banking. In the Bern/Solothurn region, we advise and support private and corporate clients with innovative financial services. The needs of our customers are always the focus of our daily work. With our IT subsidiary aity AG, we create the right technical conditions for this.

The well-being of our employees is close to our hearts. We promote young and experienced talents in their development, advocate for individual and flexible working arrangements, and pave the way for training and career opportunities . Our open and positive corporate culture is at the forefront. Trust, commitment, and sustainability are firmly anchored with us; diversity , collaboration, and humor are part of our DNA.