-
View all jobs
We are partnered with a digital asset bank looking to hire a senior information security manager in Zurich, to lead and enhance our technology-risk, cybersecurity, and operational resilience programme.
Responsibilities include:
Responsibilities include:
- Maintain and update the enterprise risk register and Information Security Management System (ISMS) in alignment with DORA and ISO 27001.
- Oversee the Business Impact Analysis (BIA) and Business Continuity/Disaster Recovery Plan (BCM/DRP), including testing, gap analysis, and reporting.
- Manage the relationship with the managed SIEM/SOC provider; validate detection rules, incident playbooks, and SLAs; organise purple-team exercises.
- Conduct pre-deployment security reviews of cloud architecture and CI/CD pipelines, ensuring embedded and tested controls.
- Define and track key risk and performance indicators (KRIs/KPIs) for areas including identity management, data protection, infrastructure resilience, and incident response.
- Lead the full third-party and outsourcing risk lifecycle, including due diligence, contract negotiation, and ongoing monitoring.
- Interpret and monitor regulatory updates (e.g., DORA, MiCAR, GDPR) and translate them into actionable control requirements and compliance evidence.
- Promote a security-conscious culture through training sessions, phishing simulations, and awareness programmes across business and engineering teams.
- Minimum of 7 years in information security, IT risk, or technology audit roles, ideally within a regulated fintech, bank, or SaaS environment.
- At least 3 years performing structured risk oversight, control testing, or governance responsibilities.
- Strong working knowledge of DORA, ISO 27001, GDPR, and at least one supervisory framework (e.g., EBA ICT/Security Guidelines, BaFin, FINMA, CSSF).
- Broad technical understanding across key domains such as access management, data protection, incident governance, vulnerability management, and third-party risk.
- Comfortable handling crypto-key management and security modules without requiring cryptography expertise.
- Excellent communication skills with the ability to distill complex technical issues into business-relevant terms; fluent English required, German an advantage.
- Holds a recognised certification such as CISSP, CISM, CISA, CRISC, CCSP, or ISO 27001 Lead Implementer/Auditor.
Key Skills
Ranked by relevance
gdpr
cybersecurity
embedded
cissp
cloud
cisa
cism
ccsp
saas
cicd
Related Jobs
3 roles aligned with this opportunity
View Job Details
Related
Senior Android Engineer
2026-06-18
Full-time
Associate
United Kingdom
Financial Services
Information Technology
View Job Details
Related
Senior DevOps Platform Engineer
2026-06-18
Full-time
Not Applicable
Switzerland
Financial Services
Engineering
View Job Details
Related
Senior Cloud Platform Engineer (Multi-Cloud)
2026-06-17
Full-time
Mid-Senior
Finland
Banking
Engineering
Login to Apply
- Posted
- Aug 01, 2025
- Type
- Full-time
- Level
- Not Applicable
- Location
- Zurich
- Company
- Broadgate
Industries
Banking
Categories
Finance
Information Technology
Related Jobs
3 roles aligned with this opportunity
View Job Details
Related
Senior Android Engineer
2026-06-18
Full-time
Associate
United Kingdom
Financial Services
Information Technology
View Job Details
Related
Senior DevOps Platform Engineer
2026-06-18
Full-time
Not Applicable
Switzerland
Financial Services
Engineering
View Job Details
Related
Senior Cloud Platform Engineer (Multi-Cloud)
2026-06-17
Full-time
Mid-Senior
Finland
Banking
Engineering