Information Security & Risk Analyst

  • Chemin de la Crétaux 33, 1196 Gland, Switzerland
  • Full-time

Company Description

By joining Swissquote, you will become a member of the sector's leading company. You will be encouraged to develop your skills and to grow within teams of highly qualified specialists. We encourage personal development and actively support creative team work, leadership and responsibility.

Job Description



  • Develop, maintain and publish up-to-date (Company) information security policies to accommodate business and regulatory evolution
  • IT compliance oversee: LPD, GDPR, FINMA regulation, etc.
  • Regular reporting on the security situation and effectiveness of implemented measures towards the CRO, Executive Management and Risk Committee



  • Establish relevant operational and administrative controls
  • Operate and optimize controls
  • Report thereon


Awareness program

  • Participate in definition of objectives
  • Evaluate training
  • Monitor implementation with HR support



  • Support internal and external audit process



  • Organize pentests
  • Coordinate remediation plans


Risk management

  • Maintain IT Risk register
  • Perform security risk assessments of new business projects and support business team in applying mitigations measures
  • Support in answering security-related queries from our clients and partners


Security Operations

  • Operates DLP, SIEM, EDR and other detection and response tools
  • Exception management
    • supervise process
    • document


Business Continuity

  • Continuous improvement of Framework
  • Monitoring of tests
  • Coordination with WL/Partners


Incident Management

  • Coordination with Operation in case of cyber or BCP incident
  • Forensic of cyber Incidents



Minimum Qualifications

  • Bachelor and/or Master in Computer Science or similar
  • Very strong analysis skills
  • Fluent in French and excellent English communication skills, oral and written
  • Knowledge in Risk Framework and Audit Framework (NIST, COBIT, ....)
  • Minimum 3-5 years experience
  • Basic knowledge of scripting (Python, Bash) and programming (Java, C)


Nice to have

  • ISO27001 certification
  • CISSP(2)
  • CISA
  • AWS / Azure security knowledge

Additional Information


Privacy Policy