Risk Security Officer (3rd party risk focus)
As the "2nd Line of Defense" within SIX, Corporate Security is responsible company-wide for the design, maintenance and control of all integral security issues.
Our team collects and communicates the security requirements of all business areas as well as the central functions, with an international focus. We advise projects, introduce security requirements, identify and evaluate risks and communicate them to the risk owners and business units. We also support the implementation of various contractual, regulatory and legal security requirements (e.g. EU-GDPR, PCI-DSS).
• Collaboration in the implementation and expansion of the IT Control Framework
• Planning and implementation of recurring group-wide IT control activities; ensuring governance of the reported IT controls
• Collaboration in the establishment of the SIX Security Policy Framework and its governance
• Collaboration in the development and implementation of measures regarding security issues and IT risk in the area of Third-Party Risk Management
• Preferably training or certification in the following domains: CISA, CISM, CRISC; bachelor's or master's degree in Information Technology; knowledge of COBIT, PCI-DSS, ISO/IEC 2700x, CSA, ISF Standard of Good Practice is an advantage
• Independent and responsible person with good planning and organizational skills
• Single-minded with a quick mind and the passion to approach problems unconventionally and to deliver sustainable results
• English as documentation language is a must; German as second language of communication is an advantage
For this vacancy we only accept direct applications.