Information Security Specialist

at SHL Medical AG

Zug, ZG, Switzerland

Start Date: Immediate
Expiry Date: 16 Dec, 2024
Salary: Not Specified
Posted On: 19 Sep, 2024
Experience: 3 year(s) or above
Skills: Information Technology, Training, Software, Security Management, CISSP, ISO 27001 Lead Auditor, Communication Skills
Telecommute: No
Sponsor Visa: No

Description:

The Information Security Specialist is responsible for ensuring the safety and security of the organization’s assets. This role specifically involves preparing, achieving, and maintaining ISO 27001 compliance. The Information Security Specialist will work closely with various departments to ensure that all security measures are up-to-date and effective, and that the organization is prepared for and protected against security threats.

PROFESSIONAL EXPERIENCE & SPECIFIC SKILLS

Mandatory

  • Minimum of 3-5 years of experience in a security-related role.
  • In-depth knowledge of ISO 27001 standards and certification process, as well as familiarity with other industry standards (NIST CSF), regulations (GDPR, NIS2, CRA) and their implications for organizational security.
  • Strong understanding of information security principles.
  • Excellent problem-solving and decision-making skills.
  • Ability to work independently and as part of a team.
  • Strong communication skills, with the ability to convey complex security concepts to non-technical staff.
  • Proficiency in using security management tools and software.

Desirable (nice to have)

  • Willingness to participate in ongoing training and professional development opportunities.

RELEVANT QUALIFICATION/EDUCATION AND TRAINING

  • Education: Bachelor’s degree in Security Management, Information Technology, or a related field. Relevant certifications such as CISSP, CISM, or ISO 27001 Lead Auditor are highly desirable.

LANGUAGE SKILLS

Mandatory (Must)

  • English

Responsibilities:

Compliance and Certification:

  • Manage the ISO 27001 certification and, afterwards, ensure the organization complies with ISO 27001 standards, including documentation, risk management, and internal audits.
  • Coordinate with external auditors for ISO 27001 certification and maintain certification through continuous improvement and compliance efforts.
  • Implement and monitor compliance with industry standards and regulations, ensuring the organization meets all information security and reporting requirements.
  • Develop and maintain security policies, procedures, and audit records, updating them as needed to reflect changes in the regulatory environment.
  • Support customers by addressing compliance inquiries.

Information Security:

  • Oversee information security measures, assess the organization’s maturity level, and monitor and report on performance.
  • Conduct regular assessments to identify weaknesses in the organization’s infrastructure.
  • Monitor activity for suspicious behavior and respond to potential threats.
  • Ensure that backup systems are in place and that data recovery procedures are regularly tested.

Training and Awareness:

  • Conduct regular training sessions for employees on information security and compliance.
  • Promote a culture of security awareness throughout the organization, encouraging employees to report potential security issues.
  • Develop and distribute educational materials related to security policies, procedures, and the importance of compliance.

Incident Response and Reporting:

  • Lead the organization’s incident response team, coordinating efforts to contain and mitigate the impact of security breaches.
  • Document and report security incidents in accordance with industry standards and regulations, ensuring timely communication with relevant authorities.
  • Analyze security incidents to determine root causes and implement measures to prevent future occurrences.

Risk Management:

  • Conduct regular risk assessments to identify potential security threats and vulnerabilities.
  • Develop and implement risk mitigation strategies to protect the organization’s assets.
  • Maintain an up-to-date risk register and ensure that risks are managed in accordance with the organization’s risk management framework.


REQUIREMENT SUMMARY

Min: 3.0, Max: 5.0 year(s)

Information Technology/IT

IT Software - Network Administration / Security

Systems Administration

Graduate

Security Management, Information Technology, or a related field

Proficient

1

Zug, ZG, Switzerland