Your responsibilities:

• Execute and coordinate activities identified by the Cyber Security roadmap, such as the delivery of essential security services to the company
• Support in ensuring business continuity and security of systems
• Guide and coordinate with the external and internal personnel during the execution of activities

Tied to the Cyber Security roadmap, you will have a particular focus on the following activities and still collaborate with the rest of the group:

• Security operations management and incident response, including monitoring, identifying and analyzing potential threats to respond to potential incidents on time
• Improving security event generation and tracking, ensuring timely detection capability
• Monitoring and governance of the relationship with vendors of implemented security solutions
• Managing the technical aspects of data classification according to the internal model, ensuring that the solution is active and configured correctly on all data types at the perimeter
• Life cycle management of the company's security devices and software according to SSDLC (Secure System Development Life Cycle) principles
• Managing internal network management issues
• Managing and continuously improving the model for identifying minimum Cyber Security requirements for relevant projects
• Assessment of Cyber Security implications for release activities or changes to existing and new application components
• Proposal and implementation of new cybersecurity tools to improve the resilience of the IT infrastructure
• Support in ongoing training of junior security team, providing guidance and mentoring to improve their technical and governance skills
• Developing and implementing a cyber risk management methodology to verify that all aspects of Cyber Security, group-wide, have been assessed, adhered to, and managed
• Regular execution of security assessments to assess, mitigate and monitor cyber risks, following regulations and corporate standards
• Continuously updating regarding the latest security trends, vulnerabilities and mitigation strategies

Your qualifications:

• Master's degree and/or technical degree in IT disciplines
• At least 7 years of experience in security, systems and networks. Possible experience as a consultant in IT security or related fields will be considered a plus.
• Excellent English and Italian speaking, writing and reading skills. The position involves constant contact with Group personnel located in various countries.
• Ability to work effectively both independently and as part of a team, with excellent communication and consulting skills.
• Due to Swiss work permit restrictions, we can only consider applications from Swiss nationals, EU citizens as well as current work-permit holders for Switzerland.

Extensive experience and knowledge, gained in complex hybrid environments, on issues of:

• Hybrid Identity (Active Directory, Azure Active Directory, MFA, Certification Authority)
• Endpoint security (Antivirus, EDR, web protection tools)
• Threat management (spam filters, attack surface management tools, vulnerability assessment, penetration testing, threat intelligence)
• Infrastructure security and management (patch management, hardening, security monitoring activation, routine and non-routine maintenance, policy management, secure publishing)
• Knowledge of cloud environments and architectures preferably Microsoft Azure
• Cloud security (Microsoft Defender suite, CASB, CSPM, Azure security)
• Security and networking in pharmaceutical manufacturing plants and remote locations
• Thorough knowledge of Windows and Linux operating systems
• Knowledge of encryption, authentication and 802.1x solutions
• Knowledge of networking issues (TCP/IP, DNS, Wi-Fi, remote desktop, VNC)
• Knowledge of network protection tools (e.g., NDR, NGFW, IPS/IDS, SWG)
• Knowledge of the principles of Security by Design and Secure System Development Life Cycle (SSDLC)
• Knowledge of more advanced network protection solutions (e.g., ZTNA, SASE) and more canonical ones (e.g., VPN, bastion host)
• Knowledge of major data classification systems) and data loss prevention
• Knowledge of GRC tools and issues related to cyber risk management

Preferred Technical Skills

• Certifications in cyber security (e.g., CISSP, GIAC, etc.).
• Ability to design and implement software solutions suitable for articulated or large IT systems

Your application

Please apply online. For further information about the position, please contact your Gi Group recruiter, Mrs. Anh Nguyen (+41 76 586 02 13).

About Gi Group

Gi Group is part of Gi Group Holding, a global ecosystem of HR services and consulting that supports the development of the labour market and helps to change people's lives in 37 countries around the world.

In Switzerland we operate with the brands Gi Group, Grafton, BauTech, Gi Life Sciences and former Kelly Services. We are active in temporary, permanent and professional staffing as well as in a variety of complementary HR Services. With a direct presence in 35 locations across Switzerland and over 250 employees, we are one of the leading staffing companies in the Swiss recruitment market.

Gi Group is specialist for Temporary and Permanent staffing and your valuable partner for many other HR Solutions. We are changing lives by connecting candidates with companies, and we work every day to create value. Your Job, Our Work.