Atour headquarters in Winterthur we are looking for a dedicated and experienced
CISO / Cloud Security Architect (100%)
to lead our Information Security team.
- Further develop a company-wide Information Security management strategy and ensure the execution of this strategy. Align standards, frameworks and security with overall business and technology strategy. Propose solutions that balance business requirements with Information Security requirements. Work closely together with IT and business stakeholders to propose and implement solutions that support the “secure digital journey” of the organization.
- Leading the Information Security team and further develop the people capabilities of the team.
- Further develop, maintain, monitor and govern of the defined Information Security processes such as the SOC (Security Operation Center) monitoring process, the incident handling process, awareness and other security operational processes (e.g. vulnerability assessment).
- Design security architecture elements in cloud applications and on-premise applications and define solutions to mitigate threats. Identify security design gaps and recommend updates or enhancements. Provide security consulting for projects.
- Perform security assessments and enforce Information Security requirement implementations across the whole IT landscape. Regularly monitor the company-wide compliance with Information Security standards and policies.
- Work closely with the DPO (Data Privacy Officer) to further strengthen the data privacy processes in Sulzer.
- Monitor industry trends, threats, vulnerabilities and mitigation measures. Keep senior management informed about these Security risks, threats and show potential implications for Sulzer on a regular basis.
- Degree as Bachelor/Master’s in Information Security or related field
- Team leading experiences (6+ years) and proven hands-on experience as CISO
- Sound knowledge about Information Security (cyber-risks, IT audit, IT compliance) and operational risk management in general. Very strong understanding of current threats including common attack types and malware capabilities. Deep understanding of IT infrastructure (network, server, clients, cloud) and application security design (API, interfaces). Experienced with mobile-related technologies, IoT / OT technologies and cloud-based security controls.
- Several years (6+) experience in security architecture, demonstrating solutions delivery, principles and emerging technologies as well as designing and implementing of security solutions. This includes continuous monitoring and improvements to those solutions.
- CISSP, CEH or equivalent security certifications
- General understanding of data privacy regulations and impact on security architecture
- Good presentation and proven communication and interpersonal skills across all stakeholder levels
- Fluently in English, German is a plus
- Working experience in industrial sector is a plus
In this exciting and challenging role, you will have the possibility to apply your existing knowledge and learn new skills in a dynamic global environment. You will become part of the IT organization that successfully operates in 40 countries in the world. Together with your team you will have the opportunity to contribute to the success of the Group IT Organization at Sulzer.
Sulzer is a global leader in fluid engineering. We specialize in pumping, agitation, mixing, separation and application technologies for fluids of all types. Our customers benefit from our commitment to innovation, performance and quality and from our responsive network of 180 world-class manufacturing facilities and service centers across the globe. Sulzer has been headquartered in Winterthur, Switzerland, since 1834. In 2019, our 16’500 employees delivered revenues of CHF 3.7 billion. Our shares are traded on the SIX Swiss Exchange (SIX: SUN). www.sulzer.com