Information Security Specialist
at SHL Medical AG
Zug, ZG, Switzerland
Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
---|---|---|---|---|---|---|---|
Immediate | 16 Dec, 2024 | Not Specified | 19 Sep, 2024 | 3 year(s) or above | Information Technology, Training, Software, Security Management, CISSP, ISO 27001 Lead Auditor, Communication Skills | No | No |
Description:
The Information Security Specialist is responsible for ensuring the safety and security of the organization’s assets. This role specifically involves preparing, achieving, and maintaining ISO 27001 compliance. The Information Security Specialist will work closely with various departments to ensure that all security measures are up-to-date and effective, and that the organization is prepared for and protected against security threats.
PROFESSIONAL EXPERIENCE & SPECIFIC SKILLS
Mandatory
- Minimum of 3-5 years of experience in a security-related role.
- In-depth knowledge of ISO 27001 standards and certification process, as well as familiarity with other industry standards (NIST CSF), regulations (GDPR, NIS2, CRA) and their implications for organizational security.
- Strong understanding of information security principles.
- Excellent problem-solving and decision-making skills.
- Ability to work independently and as part of a team.
- Strong communication skills, with the ability to convey complex security concepts to non-technical staff.
- Proficiency in using security management tools and software.
Desirable (nice to have)
- Willingness to participate in ongoing training and professional development opportunities.
RELEVANT QUALIFICATION/EDUCATION AND TRAINING
- Education: Bachelor’s degree in Security Management, Information Technology, or a related field. Relevant certifications such as CISSP, CISM, or ISO 27001 Lead Auditor are highly desirable.
LANGUAGE SKILLS
Mandatory (Must)
- English
Responsibilities:
Compliance and Certification:
- Manage the ISO 27001 certification and afterwards ensure the organization complies with ISO 27001 standards, including documentation, risk management, and internal audits.
- Coordinate with external auditors for ISO 27001 certification and maintain certification through continuous improvement and compliance efforts.
- Implement and monitor compliance with industry standards and regulations, ensuring the organization meets all information security and reporting requirements.
- Develop and maintain security policies, procedures, and audit records, updating them as needed to reflect changes in the regulatory environment.
- Support customers by addressing compliance inquiries.
Information Security:
- Oversee information security measures, assess the organization’s maturity level, and monitor and report on performance.
- Conduct regular assessments to identify weaknesses in the organization’s infrastructure.
- Monitor activity for suspicious behavior and respond to potential threats.
- Ensure that backup systems are in place and that data recovery procedures are regularly tested.
Training and Awareness:
- Conduct regular training sessions for employees on information security and compliance.
- Promote a culture of security awareness throughout the organization, encouraging employees to report potential security issues.
- Develop and distribute educational materials related to security policies, procedures, and the importance of compliance.
Incident Response and Reporting:
- Lead the organization’s incident response team, coordinating efforts to contain and mitigate the impact of security breaches.
- Document and report security incidents in accordance with industry standards and regulations, ensuring timely communication with relevant authorities.
- Analyze security incidents to determine root causes and implement measures to prevent future occurrences.
Risk Management:
- Conduct regular risk assessments to identify potential security threats and vulnerabilities.
- Develop and implement risk mitigation strategies to protect the organization’s assets.
- Maintain an up-to-date risk register and ensure that risks are managed in accordance with the organization’s risk management framework.
REQUIREMENT SUMMARY
Min: 3.0, Max: 5.0 year(s)
Information Technology/IT
IT Software - Network Administration / Security
Systems Administration
Graduate
Security Management, Information Technology, or a related field
Proficient
1
Zug, ZG, Switzerland