Information Security & Risk Analyst

  • Full-time

Company Description

By joining Swissquote, you will become a member of the sector's leading company. You will be encouraged to develop your skills and to grow within teams of highly qualified specialists. We encourage personal development and actively support creative teamwork, leadership and responsibility.

Job Description

 

Governance

  • Develop, maintain and publish up-to-date (Company) information security policies to accommodate business and regulatory evolution
  • Oversee IT compliance: LPD, GDPR, FINMA regulation, etc.
  • Regular reporting on the security situation and effectiveness of implemented measures towards the CRO, Executive Management and Risk Committee

 

Controls

  • Establish relevant operational and administrative controls
  • Operate and optimize controls
  • Report thereon

 

Awareness program

  • Participate in definition of objectives
  • Evaluate training
  • Monitor implementation with HR support

 

Audits

  • Support internal and external audit process

 

Pentest

  • Organize pentests
  • Coordinate remediation plans

 

Risk management

  • Maintain IT Risk register
  • Perform security risk assessments of new business projects and support the business team in applying mitigation measures
  • Support in answering security-related queries from our clients and partners

 

Security Operations

  • Operate DLP, SIEM, EDR and other detection and response tools
  • Exception management
    • supervise process
    • document

 

Business Continuity

  • Continuous improvement of Framework
  • Monitoring of tests
  • Coordination with WL/Partners

 

Incident Management

  • Coordination with Operation in case of cyber or BCP incident
  • Forensics of cyber incidents

 

Qualifications

Minimum Qualifications

  • Bachelor and/or Master in Computer Science or similar
  • Very strong analysis skills
  • Fluent in French and excellent English communication skills, oral and written
  • Knowledge of Risk Frameworks and Audit Frameworks (NIST, COBIT, etc.)
  • Minimum 3-5 years' experience
  • Basic knowledge of scripting (Python, Bash) and programming (Java, C)

 

Nice to have

  • ISO27001 certification
  • CISSP(2)
  • CISA
  • AWS / Azure security knowledge

Additional Information

SQ2
